Update: Implementation Guidance for Emergency Directive on Cisco ASA and Firepower Device Vulnerabilities

CISA has released Emergency Cisco Directive 25-03 Implementation Guidance to assist federal agencies in addressing critical vulnerabilities in Cisco Adaptive Security Appliances ASA and Firepower devices. Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices, issu...

Lenovo Scanner Pro 安全漏洞

Lenovo Scanner Pro is a scanner application from Lenovo China. A security vulnerability exists in Lenovo Scanner Pro that originates from an arbitrary file upload and could lead to remote code execution or unauthorized control of the system...

Lenovo Scanner Pro 安全漏洞

Lenovo Scanner Pro is a scanner application from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Scanner Pro, which stems from a vulnerability that could allow an attacker on the same logical network to disclose sensitive user files in the application under certain...

PT-2025-46692

Name of the Vulnerable Software and Affected Versions Lenovo Scanner Pro client affected versions not specified Description An arbitrary file upload issue exists in the Lenovo Scanner Pro client. This could allow for remote code execution or unauthorized control of a system. Recommendations At th...

PT-2025-46691

Name of the Vulnerable Software and Affected Versions Lenovo Scanner pro affected versions not specified Description An issue was identified in the Lenovo Scanner pro application that, in certain situations, could allow an attacker on the same network to access sensitive user files from the...

EUVD-2025-60952

The USB Qr Code Scanner For Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the settings page. This makes it possible for unauthenticated attackers to update the plugin's settings...

CVE-2025-12588 USB Qr Code Scanner For Woocommerce <= 1.0.0 - Cross-Site Request Forgery to Settings Update

The USB Qr Code Scanner For Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation on the settings page. This makes it possible for unauthenticated attackers to update the plugin's settings...

CVE-2025-12588

CVE-2025-12588 affects the USB Qr Code Scanner For Woocommerce WordPress plugin. The WordPress plugin versions up to 1.0.0 are vulnerable to Cross-Site Request Forgery caused by missing nonce validation on the settings page, allowing unauthenticated attackers to update plugin settings via forged ...

WordPress USB Qr Code Scanner For Woocommerce plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by dayea song - Ahnlab in WordPress Plugin USB Qr Code Scanner For Woocommerce versions = 1.0.0...

Photon OS 4.0: Glib PHSA-2025-4.0-0902

An update of the glib package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0902. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 43 : dotnet8.0 (2025-9171c95e17)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9171c95e17 advisory. This is the October 2025 release of .NET 8. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.21/8.0.121.md - Runtime:...

PT-2025-46277

Name of the Vulnerable Software and Affected Versions USB Qr Code Scanner For Woocommerce plugin for WordPress versions prior to 1.0.1 Description The USB Qr Code Scanner For Woocommerce plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is a result of a lack of nonce...

Photon OS 4.0: Rubygem PHSA-2025-4.0-0903

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0903. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Wapiti Web Application Vulnerability Scanner 3.2.9

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

Motex LanScope Endpoint Manager Client (MR) Installed (Windows)

Binary data motexlanscopeendpointmanagerclientinstalled.nbin...

Wapiti Web Application Vulnerability Scanner 3.2.9 Source Code

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...

F5 WAF For NGINX Installed (Linux)

Binary data f5waffornginxnixinstalled.nbin...

CVE-2025-58972

Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...

wcurl Installed (macOS)

Binary data macoswcurlinstalled.nbin...

Linux Distros Unpatched Vulnerability : CVE-2025-12728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific...