Slackware Linux 15.0 / current httpd Multiple Vulnerabilities (SSA:2025-338-01)

The version of httpd installed on the remote host is prior to 2.4.66. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-338-01 advisory. New httpd packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2025-40245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to...

📄 Microsoft Windows 11 Build 10.0.22631.6199 Registry Vulnerability Testing Tool

This is a C/C++ proof-of-concept PoC program designed to test for a specific vulnerability within the Windows Registry handling mechanism, often related to key duplication or improper permission checks during certain API calls like RegCopyTreeW...

CVE-2025-66476

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

UBUNTU-CVE-2025-66476

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

EUVD-2025-200373

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

CVE-2025-66476

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...

PT-2025-48785

Name of the Vulnerable Software and Affected Versions Vim for Windows versions prior to 9.1.1947 Description Vim is a command line text editor. A flaw exists in Vim for Windows due to an uncontrolled search path issue. When using cmd.exe as a shell, Vim resolves external commands by searching the...

[slackware-security] libxslt

New libxslt packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxslt-1.1.44-i586-1slack15.0.txz: Upgraded. This update addresses some security issues: CVE-2025-9714 Fix: Was a false positive,...

Slackware: Security Advisory (SSA:2025-331-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] cups

New cups packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.15-i586-1slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix various cupsd issues which caus...

Slackware Linux 15.0 / current gnutls Vulnerability (SSA:2025-324-01)

The version of gnutls installed on the remote host is prior to 3.8.11. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-324-01 advisory. New gnutls packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

Slackware: Security Advisory (SSA:2025-322-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libarchive

New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.8.3-i586-1slack15.0.txz: Upgraded. This update contains security fixes and improvements: lib: Create temporary files ...

[slackware-security] xpdf

New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xpdf-4.06-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues. For more information, see:...

Slackware Linux 15.0 / current xpdf Multiple Vulnerabilities (SSA:2025-319-01)

The version of xpdf installed on the remote host is prior to 4.06. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-319-01 advisory. New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

GHSA-FJH6-8679-9PCH Flowise does not Prevent Bypass of Password Confirmation - Unverified Password Change

Summary Bypass of Password Confirmation - Unverified Password Change authenticated change without current password An authenticated user is allowed to change their account password without supplying the current password or any additional verification. The application does not verify the actor’s...

Adobe InCopy Memory Misreference Vulnerability (CNVD-2025-28655)

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe InCopy, which can be exploited by an attacker to cause arbitrary code to be executed in the current user's environment...