Dstack-Capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes

The rise of LLM-as-a-Service and other confidential cloud workloads demands cryptographic proof that user data is processed in a trusted, untampered environment. Existing solutions, notably Confidential Containers CoCo, enforce a strict "one Pod per VM" model that attests only the Guest OS stack,...

EUVD-2026-10487

Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33...

Blue-Smiley-Organizer SQL注入漏洞

Blue-Smiley-Organizer is a calendar management tool personally developed by Oliver Antosch. Version 1.32 of Blue-Smiley-Organizer contains an SQL injection vulnerability. This vulnerability stems from the datetime parameter, which allows for SQL injections, potentially enabling unverified attacke...

Fedora 41 : cri-o1.32 (2025-8c88aa0c74)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8c88aa0c74 advisory. Update to release v1.32.10 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Fedora 42 : kubernetes1.32 (2025-0131063534)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0131063534 advisory. - Update to release v1.32.10 - Resolves: rhbz2414539 - Resolves: rhbz2398587, rhbz2398848, rhbz2399249, rhbz2399522 - Resolves: rhbz2399703,...

HP Integrated Lights-Out HTML Injection (CVE-2013-4842)

Cross-site scripting XSS vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

HP Integrated Lights-Out Information Disclosure (CVE-2013-4843)

Unspecified vulnerability in HP Integrated Lights-Out 4 iLO4 with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Fedora 41 : cri-o1.32 (2025-e976788728)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e976788728 advisory. - Update to release 1.32.9 - Resolves: rhbz2333357, rhbz2398407, rhbz2398662, rhbz2399064, rhbz2399338 - Upstream fix Tenable has extracted the...

EUVD-2007-2589

Malware in sbrugna...

EUVD-2017-1386

Malware in sbrugna...

EUVD-2002-2349

Malware in sbrugna...

Fedora: Security Advisory (FEDORA-2025-9b52dfdae9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2020-25815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names f...

Linux Distros Unpatched Vulnerability : CVE-2021-30157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and...

SAMSUNG Security Manager 安全漏洞

SAMSUNG Security Manager is a software from Samsung South Korea for managing Samsung security drives. A security vulnerability exists in SAMSUNG Security Manager version 1.32 and 1.4, which stems from an improperly restricted PUT method that could lead to remote code execution...

OPENSUSE-SU-2025:15083-1 rke2-1.32-1.32.4+rke2r1-1.1 on GA media

These are all security issues fixed in the rke2-1.32-1.32.4+rke2r1-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-46599

CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing...

Zyxel USG FLEX 安全漏洞

Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in Zyxel USG FLEX versions prior to V1.32, which stems from improper privilege...

Zyxel USG FLEX 安全漏洞

Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in Zyxel USG FLEX versions prior to V1.32, which stems from improper assignment of...

WordPress Video Gallery for WooCommerce Plugin <= 1.31 is vulnerable to Broken Access Control

Software Video Gallery for WooCommerce Type Plugin Vulnerable versions = 1.31 Fixed in 1.32 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10535 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fc5201d78d06 Credits incognito Require...