SUSE: Security Advisory (SUSE-SU-2025:03037-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1903)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:03039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:02522-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:03053-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-9328

Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-9324

Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must...

Exploit for Out-of-bounds Write in Cisco Rv110W_Firmware

Cisco RV CVE-2019-1663 Simulation A safe Dockerized simulatio...

GHSA-4342-X723-CH2F vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu, langfuse...

CVE-2025-57752 vulnerabilities

Vulnerabilities for packages: jitsucom-jitsu, langfuse...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Exposure of Sensitive System Information Vulnerability (CVE-2025-36162)

Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD integration point may expose certain sensitive information to an authenticated user. Vulnerability Details CVEID:CVE-2025-36162 DESCRIPTION: IBM DevOps Deploy / IBM UrbanCode Deploy UCD 8.1.x before 8.1.2.2 could allow an authenticated user to...

Bash Profile Persistence

This module writes an execution trigger to the target's Bash profile. The execution trigger executes a call back payload whenever the target user opens a Bash terminal. Verified on Ubuntu 22.04 and 18.04 desktop with Gnome Module Options msf use exploit/linux/persistence/bashprofile msf...

CVE-2025-57775 Heap-based Buffer Overflow when parsing a DSB file with Digilent DASYLab

There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The...

ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header

Summary On the ESP-IDF platform, ESPHome's webserver authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value e.g., correct username with partial password. This allows access to webserver functionality...

USN-7729-1: KDE PIM vulnerabilities

Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that the KMail application of KDE PIM could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Und...

CVE-2025-57612

An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the name method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the avgetsamplefmtname C function,...

CVE-2025-57612

An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 Null pointer dereference vulnerability in the name method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the avgetsamplefmtname C function,...

CVE-2025-44017

creationtimestamp| type| source ---|---|--- 2025-09-02 13:37:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxuagdgmoa2r...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 23 (4.2.0.23)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 23 4.2.0.23 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high...