13 matches found
ROOT-OS-DEBIAN-11-CVE-2025-40194 CVE-2025-40194 in rootio-linux - Patched by Root
Root has patched CVE-2025-40194 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
buildah security update
1.41.8-2.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-2 - Rebuild with golang 1.25.7 to fix CVE-2025-68121 - Resolves: RHEL-149617...
CVE-2026-21854 Tarkov Data Manager Authentication Bypass vulnerability
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full admin access to the Tarkov Data Manager admin panel by exploiting a JavaScript prototype property...
CVE-2025-64125
Observation: CVE-2025-64125 affects Nuvation Energy nCloud VPN Service and enables Network Boundary Bridging. The issue is confirmed in multiple feeds (NVD/Red Hat) and is fixed as of 2025-12-01; end users did not need to take mitigation action. The available metrics indicate a high-severity impa...
CVE-2025-13427
An authentication bypass vulnerability in Google Cloud Dialogflow CX Messenger allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents' knowledge and the ability to trigger their intents, by manipulating initialization parameters or crafting specific AP...
CVE-2025-13427
CVE-2025-13427 concerns an authentication bypass in Google Cloud Dialogflow CX Messenger. The vulnerability allowed unauthenticated users to interact with restricted chat agents, gaining access to the agents’ knowledge and the ability to trigger their intents by manipulating initialization parame...
CVE-2025-12952
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...
CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...
PT-2025-50307
A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...
Exploit for Missing Authentication for Critical Function in Oracle Marketing
🧠 CVE-2025-53072 – Oracle Marketing Critical Remote Exploit...
CVE-2025-8712
Ivanti reports a missing authorization flaw (CVE-2025-8712) affecting Ivanti Connect Secure before 22.7R2.9/22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 22.8R2.3-723, and Ivanti Neurons for Secure Access before 22.8R1.4. The issue allows a remote authenticated attacker ...
openSUSE Security Advisory (SUSE-SU-2025:1430-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2025-0518
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed:...