USN-7595-4 linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

CVE-2025-37101

A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...

CVE-2025-37101 HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege

A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...

CVE-2025-37101 HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege

A potential security vulnerability has been identified in HPE OneView for VMware vCenter OV4VC. This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation operator can perform admin actions...

CVE-2025-37101

CVE-2025-37101 concerns HPE OneView for VMware vCenter (OV4VC). The available documents confirm a vulnerability where an attacker with read-only privileges can perform vertical privilege escalation, enabling admin actions. The CVSS 3.1 score is 8.7 (HIGH): attack vector NETWORK, attack complexity...

PT-2025-26933 · Hewlett Packard · Hpe Oneview For Vmware Vcenter

Name of the Vulnerable Software and Affected Versions: HPE OneView for VMware vCenter OV4VC affected versions not specified Description: A potential security issue has been identified that could allow an attacker with read-only privileges to perform vertical privilege escalation, enabling them to...

Hewlett Packard Enterprise OneView for VMware vCenter 安全漏洞

Hewlett Packard Enterprise OneView for VMware vCenter is a VMware vCenter server management software plug-in for managing HPE ProLiant servers and storage systems from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise OneView for VMware vCenter, which...

Photon OS 4.0: Rubygem PHSA-2025-4.0-0820

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0820. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Cpio PHSA-2025-5.0-0537

An update of the cpio package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0537. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

VMware Avi Load Balancer SQL Injection Vulnerability

VMware Avi Load Balancer is a load balancing platform from VMware. VMware Avi Load Balancer suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL...

Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us

Qilin has quietly become one of the most active and impactful ransomware operations in the world today. If it’s not already on your threat radar, now is the time to take notice. This blog unpacks how Qilin operates, why it’s gaining traction across cybercriminal networks, and what steps security...

Photon OS 4.0: Linux PHSA-2025-4.0-0816

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0816. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

TencentOS Server 2: open-vm-tools (TSSA-2023:0276)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0276 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 2: open-vm-tools (TSSA-2023:0123)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0123 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 3: open-vm-tools (TSSA-2023:0197)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0197 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2025-41233

Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8...

Photon OS 4.0: Python3 PHSA-2025-4.0-0815

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0815. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +8 more potentially affected by CVE-2024-38825 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...

heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +8 more potentially affected by CVE-2024-38822 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...

heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +8 more potentially affected by CVE-2025-22240 via salt (=3007.14.0)

salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...