41 matches found
ROOT-OS-UBUNTU-2204-CVE-2025-37876 CVE-2025-37876 in rootio-linux - Patched by Root
Root has patched CVE-2025-37876 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
GHSA-PJWM-PJ3P-43MV axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)
Summary shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe still routes through the...
CVE-2025-55262
CVE-2025-55262 affects HCL Aftermarket DPC with a SQL Injection vulnerability that can allow an attacker to retrieve sensitive data from the database. The connected documents confirm the vulnerability and its impact but do not provide specifics on the vulnerable component paths, versions, exploit...
CVE-2025-70039
CVE-2025-70039 affects linagora Twake 2023.Q1.1223 with a CWE-78 OS command injection vulnerability. Base CVSS 3.1: 9.8 (_network, no auth, no user interaction, impact high for confidentiality, integrity, and availability). Root cause: improper neutralization of special elements used in an OS com...
CVE-2025-70044
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in fofolee uTools-quickcommand 5.0.3...
SUSE-SU-2026:20237-1 Security update for cockpit
This update for cockpit fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324...
CVE-2025-69821
An issue in Beat XP VEGA Smartwatch Firmware Version - RB303ATV006229 allows an attacker to cause a denial of service via the BLE connection...
Linux Distros Unpatched Vulnerability : CVE-2025-71143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 clk:...
CVE-2025-67705
creationtimestamp| type| source ---|---|--- 2026-01-01 00:36:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbd56v7z2r2c 2026-01-02 18:51:10+00:00| seen| Telegram/jewkuyTggD2PWaKrabPFdcCxroyUzLRM-AR1O-LdmNxSvc...
BELL-CVE-2025-68351
Bulletin has no description...
EUVD-2025-205459
FastMCP updated to MCP 1.23+ due to CVE-2025-66416...
Linux Distros Unpatched Vulnerability : CVE-2025-65500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted...
Fedora: Security Advisory (FEDORA-2025-10d2e6260b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BELL-CVE-2025-40100
Bulletin has no description...
BELL-CVE-2025-40054
Bulletin has no description...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21638)
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
Fedora 43 : sssd (2025-cf4f628312)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cf4f628312 advisory. - Fixes CVE-2025-11561 - Resolves: https://bugzilla.redhat.com/showbug.cgi?id=2402728 After startup SSSD already creates a Kerberos configuration snippet in...
CVE-2025-48984
creationtimestamp| type| source ---|---|--- 2025-10-15 06:49:12+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m37nmxajwl2a 2025-10-15 14:05:45+00:00| seen| https://vulnerability.circl.lu/bundle/cafe2e2f-6c80-497d-93e2-f209820608e6 2025-10-15 20:50:46+00:00| seen|...
PT-2025-42222
CVE-2025-42647 uv found to be a psyop side channel engine...
Important: kernel-livepatch-5.10.238-231.953
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing CVE-2025-38386 Affected Packages: kernel-livepatch-5.10.238-231.953 Issue Correction: Please ensure you have live patching enabled. Run yum update...