PT-2025-46375

Name of the Vulnerable Software and Affected Versions NVIDIA AIStore affected versions not specified Description NVIDIA AIStore has an issue in its authentication process AuthN that allows an unauthenticated user to potentially disclose information. Exploitation of this issue may lead to...

PT-2025-52909

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free UAF issue related to the management of RAID devices. The problem occurs when removing a RAID device path, potentially leading to a general...

PT-2025-44963

Name of the Vulnerable Software and Affected Versions Everything affected versions not specified Description The service used by Everything, running with SYSTEM privileges, communicates with the Everything GUI using a named pipe. This named pipe has a NULL Discretionary Access Control List DACL,...

PT-2025-44761

Name of the Vulnerable Software and Affected Versions jeecgboot jeewx-boot versions prior to 641ab52c3e1845fec39996d7794c33fb40dad1dd Description A security flaw exists in jeecgboot jeewx-boot. Manipulation of the imgurl argument in the getImgUrl function within the...

Linux Distros Unpatched Vulnerability : CVE-2025-45663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure. CVE-2025-45663 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2025-12206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-58148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can...

Linux Distros Unpatched Vulnerability : CVE-2025-40020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN F...

Linux Distros Unpatched Vulnerability : CVE-2025-40002

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Fix use-after-free in tbdpdprxwork The original code relies on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item...

Linux Distros Unpatched Vulnerability : CVE-2025-60360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit. CVE-2025-60360 Note that Nessus relies on the presence of the package as...

PT-2025-43893

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...

PT-2025-43968

Name of the Vulnerable Software and Affected Versions Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System version 1.0 Description A flaw exists in the system that allows for cross site scripting. Manipulation of the category id argument in the file...

PT-2025-44004

Name of the Vulnerable Software and Affected Versions BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description The software allows for the disclosure of email passwords. The issue affects Azure Access Tech BLU-IC2 and BLU-IC4. It is recommended to restrict access and enable...

PT-2025-46556

Name of the Vulnerable Software and Affected Versions Ceph affected versions not specified Description A denial-of-service issue exists in Ceph’s RGW component due to improper input validation. Specifically, providing an empty string as the content for the x-amz-copy-source argument when putting ...

Linux Distros Unpatched Vulnerability : CVE-2025-62491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises...

WordPress External Login plugin <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test Connection vulnerability

Authenticated Subscriber+ Sensitive Data Exposure via Test Connection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin External Login versions = 1.11.2...

Linux Distros Unpatched Vulnerability : CVE-2018-1335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line o...

PT-2025-42477

Name of the Vulnerable Software and Affected Versions Webmin version 2.510 Description Webmin version 2.510 has a flaw in the password reset functionality forgot send.cgi. The reset link sent to users is created using the HTTP Host header through the get webmin email url function. An attacker can...

CVE-2025-61930 Emlog Pro has CSRF issue that Enables Admin Password Reset

Emlog is an open source website building system. Emlog Pro versions 2.5.19 and earlier are vulnerable to Cross‑Site Request Forgery CSRF on the password change endpoint. An attacker can trick a logged‑in administrator into submitting a crafted POST request to change the admin password without...

Linux Distros Unpatched Vulnerability : CVE-2023-53667

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated min value, but greater...