PT-2025-35254

Name of the Vulnerable Software and Affected Versions QNAP License Center versions prior to 1.8.51 QNAP License Center versions prior to 1.9.51 Description A cross-site scripting XSS vulnerability affects QNAP operating system versions. A remote attacker gaining an administrator account can explo...

PT-2025-35179

Name of the Vulnerable Software and Affected Versions: Clinic Image System versions affected versions not specified Description: Clinic Image System developed by Changing is susceptible to a SQL Injection issue. This allows unauthenticated remote attackers to inject arbitrary SQL commands,...

Linux Distros Unpatched Vulnerability : CVE-2021-35545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.28. Easily...

Linux Distros Unpatched Vulnerability : CVE-2024-28580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the ReadData function when reading...

Linux Distros Unpatched Vulnerability : CVE-2017-3469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Workbench component of Oracle MySQL subcomponent: Workbench: Security : Encryption. Supported versions that are affected are 6.3.8 an...

CVE-2025-9255

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

Linux Distros Unpatched Vulnerability : CVE-2023-22000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior t...

Linux Distros Unpatched Vulnerability : CVE-2023-21999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior t...

Linux Distros Unpatched Vulnerability : CVE-2021-42700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. CVE-2021-42700 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2020-14559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.6.48 and prior, 5.7....

Linux Distros Unpatched Vulnerability : CVE-2023-21971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.32 and prior. Difficult to...

Linux Distros Unpatched Vulnerability : CVE-2022-21282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracl...

Linux Distros Unpatched Vulnerability : CVE-2019-2791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Audit Plug-in. Supported versions that are affected are 5.7.26 and prior and...

Linux Distros Unpatched Vulnerability : CVE-2019-2944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior t...

CVE-2025-5047 DGN File Parsing Uninitialized Variable Vulnerability

A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

Linux Distros Unpatched Vulnerability : CVE-2021-2308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easi...

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

CVE-2025-8914 WellChoose｜Organization Portal System - SQL Injection

Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

CVE-2025-42949

CVE-2025-42949 : A missing authorization check in the ABAP Platform could allow an authenticated user with elevated privileges to bypass authorization for common transactions via the SQL Console and read database table contents, exposing data confidentiality. The impact is limited to confidential...

openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....