Security Bulletin: NVIDIA TAO - December 2025

NVIDIA has released a software update for NVIDIA TAO. To protect your system, download and install the latest release from the NVIDIA TAO Train Adapt Optimize Toolkit page. Go to NVIDIA Product Security...

Photon OS 5.0: Wireshark PHSA-2025-5.0-0695

An update of the wireshark package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0695. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EUVD-2025-200026

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

PT-2025-48484

Name of the Vulnerable Software and Affected Versions Shirt Pocket SuperDuper! versions 3.10 and earlier Description An issue exists that allows a local attacker to execute arbitrary code via the software update mechanism. Recommendations Update to a version later than 3.10...

CVE-2025-61228

An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute arbitrary code via the software update mechanism...

CVE-2025-61228

CVE-2025-61228 affects Shirt Pocket SuperDuper! versions 3.10 and earlier. The issue allows a local attacker to execute arbitrary code via the software update mechanism. The available sources indicate the vulnerability exists in pre-3.11 builds; mitigation is to update to version 3.11 (or later)....

[SECURITY] Fedora 43 Update: drupal7-7.103-1.fc43

Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure...

Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software

Summary Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.21 Vulnerability Details CVEID:CVE-2025-58369 DESCRIPTION: fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through...

SUSE: Security Advisory (SUSE-SU-2025:4174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: NVIDIA NeMo Agent Toolkit - November 2025

NVIDIA has released a software update for NVIDIA® NeMo Agent Toolkit. To protect your system, clone or update this software to version 1.3.0 or later from NVIDIA GitHub. The affected sub-module is https://github.com/NVIDIA/NeMo-Agent-Toolkit-UI. Go to NVIDIA Product Security. To protect your...

Photon OS 4.0: Linux PHSA-2025-4.0-0913

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0913. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

CVE-2025-63958

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

RHSA-2025:21820 Red Hat Security Advisory: idm:DL1 security update

Bulletin has no description...

Multiple vulnerabilities in LogStare Collector

Overview LogStare Collector provided by LogStare Inc. contains multiple vulnerabilities listed below. Incorrect default permissions for the installation directory CWE-276 - CVE-2025-58097 Stored cross-site scripting vulnerability in UserManagement CWE-79 - CVE-2025-61949 Incorrect authorization i...

TencentOS Server 4: moby (TSSA-2024:1079)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1079 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

PT-2025-46996

Name of the Vulnerable Software and Affected Versions rachelos WeRSS we-mp-rss versions up to 1.4.7 Description A flaw exists in the Webhook Module of rachelos WeRSS we-mp-rss. The do job function within the /rachelos/we-mp-rss/blob/main/jobs/mps.py file is susceptible to server-side request...

Cisco Catalyst Center REST API Command Injection Vulnerability

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...