CVE-2025-23347

CVE-2025-23347 affects NVIDIA Project G-Assist, a component of the NVIDIA GPU Display Driver. The vulnerability allows potential privilege escalation with possible code execution, data tampering, DoS, and information disclosure. The connected advisories show vendor updates addressing this issue a...

GO-2025-3993 Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload in github.com/argoproj/argo-cd

Unauthenticated argocd-server panic via a malicious Bitbucket-Server webhook payload in github.com/argoproj/argo-cd...

GO-2025-3990 go-f3 module vulnerable to integer overflow leading to panic in github.com/filecoin-project/go-f3

go-f3 module vulnerable to integer overflow leading to panic in github.com/filecoin-project/go-f3...

GO-2025-4018 Allstar Reviewbot has Authentication Bypass via Hard-coded Webhook Secret in github.com/ossf/allstar

Allstar Reviewbot has Authentication Bypass via Hard-coded Webhook Secret in github.com/ossf/allstar...

GO-2025-4019 Parallax is vulnerable to DoS via malicious p2p message in github.com/microstack-tech/parallax

Parallax is vulnerable to DoS via malicious p2p message in github.com/microstack-tech/parallax...

GO-2025-3985 kcp is missing update validation allows arbitrary LogicalCluster status patches through initializingworkspaces Virtual Workspace in github.com/kcp-dev/kcp

kcp is missing update validation allows arbitrary LogicalCluster status patches through initializingworkspaces Virtual Workspace in github.com/kcp-dev/kcp...

SUSE-SU-2025:3759-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...

AutomationDirect Productivity Suite 安全漏洞

AutomationDirect Productivity Suite is a programmable logic controller programming software from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect Productivity Suite version 4.4.1.19, which stems from an improper assignment of critical resource permissions and could allow...

PT-2025-43565

Name of the Vulnerable Software and Affected Versions Productivity Suite version 4.4.1.19 Description A relative path traversal ZipSlip issue exists in Productivity Suite software. This allows an attacker who can modify a productivity project to potentially execute arbitrary code on the system...

PT-2025-43539

Name of the Vulnerable Software and Affected Versions NVIDIA Project G-Assist affected versions not specified Description NVIDIA Project G-Assist contains a flaw that could allow an attacker to escalate permissions. Exploitation of this issue may result in code execution, privilege escalation, da...

Oracle Primavera P6 Enterprise Project Portfolio Management (October 2025 CPU)

The versions of Primavera P6 Enterprise Project Portfolio Management installed on the remote host are affected by a vulnerability as referenced in the October 2025 CPU advisory. - Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and...

CVE-2025-62528

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for a project member to put JavaScript in name or description fields which would run on project load. This issue has been patched in version 1.5.0...

Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25476)

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...

PT-2025-43032

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 141.0.7390.122 Description An out-of-bounds memory access issue exists in the V8 JavaScript engine within Google Chrome. This flaw allows a remote attacker to perform out-of-bounds memory access by way of a...

Unspecified Vulnerability in Newforma Project Center Server

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A security vulnerability exists in Newforma Project Center Serve...

Newforma Project Center Server Cross-Site Scripting Vulnerability

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. Newforma Project Center suffers from a cross-site scripting...

Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25862)

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information IELTS vulnerability exists in Newforma Project...

Newforma Project Center Server Code Execution Vulnerability (CNVD-2025-25871)

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. A code execution vulnerability exists in Newforma Project Center...

Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25888)

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...

Newforma Project Center Server Information Disclosure Vulnerability

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...