150 matches found
Debian: Security Advisory (DSA-6014-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA87442 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. Improper Handling of Exceptional...
Debian: Security Advisory (DSA-5972-1)
The remote host is missing an update for the Debian...
PT-2025-32652 · Siemens · Sinumerik 828D Ppu.4 +6
Name of the Vulnerable Software and Affected Versions: SINUMERIK 828D PPU.4 versions prior to V4.95 SP5 SINUMERIK 828D PPU.5 versions prior to V5.25 SP1 SINUMERIK 840D sl versions prior to V4.95 SP5 SINUMERIK MC versions prior to V1.25 SP1 SINUMERIK MC V1.15 versions prior to V1.15 SP5 SINUMERIK...
Zoom Workplace VDI < 6.3.12 Vulnerability (ZSB-25029)
The version of Zoom Workplace VDI installed on the remote host is prior to 6.3.12. It is, therefore, affected by a vulnerability as referenced in the ZSB-25029 advisory. - Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application...
Vulnerabilities fixed in Citrix NetScaler ADC and NetScaler Gateway
Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. The vulnerability with reference CVE-2025-5777 involves an Out-of-Bounds Read. This vulnerability arises from insufficient input validation in systems configured as Gateway services. These include VPN virtual servers, ICA...
Microsoft PowerPoint 2016 Multiple RCE Vulnerabilities (KB5002746)
This host is missing an important security update according to Microsoft KB5002746...
KLA85522 PE vulnerability in Microsoft Apps
An elevation of privilege vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-49738 Related products Microsoft-PC-Manager CVE list CVE-2025-49738 critical Solution Install necessary updates from the KB section,...
CVE-2025-49593 Portainer HTTP Headers May Leak to Malicious Container Registries
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. Prior to STS version 2.31.0 and LTS version 2.27.7, if a Portainer administrator can be convinced to register a maliciou...
Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by multiple critical security vulnerabilities
Summary Multiple critical vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 1.0.296 CVE-2025-32911, CVE-2025-24264 Vulnerability Details CVEID:CVE-2025-32911 DESCRIPTION: A use-after-free type vulnerability was found in libsoup, in the...
Fedora: Security Advisory (FEDORA-2025-3aa9a75a72)
The remote host is missing an update for the...
CVE-2023-0042
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols...
CVE-2020-11771
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10...
Security Updates for Microsoft Office Products C2R (May 2025)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-30377, CVE-2025-30386 Note that...
Alibaba Cloud Linux 3 : 0073: grafana (ALINUX3-SA-2021:0073)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0073 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-11110: Grafana through 6.7.1 allo...
Security Bulletin: IBM Cloud Kubernetes Service on Ubuntu20 is affected by a FreeType Remote Code Execution security vulnerability (CVE-2025-27363)
Summary IBM Cloud Kubernetes Service is affected by a FreeType Remote Code Execution security vulnerability CVE-2025-27363 which is included in Ubuntu20 distributions, but not applicable to Ubuntu24 distributions. Vulnerability Details CVE-2025-27363 Description: An out of bounds write exists in...
PT-2025-16960 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.0 through 7.4.3.129 Liferay DXP versions 2024.Q4.1 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.9 Liferay DXP versions 2024.Q2.0 through 2024.Q2.13 Liferay DXP versions 2024.Q1.1 through...
PT-2025-17209
Name of the Vulnerable Software and Affected Versions libxml2 versions 2.13.7 and earlier, libxml2 versions 2.14.x before 2.14.2 Description The issue is related to a heap-based buffer under-read in the xmlSchemaIDCFillNodeTables function in xmlschemas.c. This can be exploited by validating a...
Drupal Core Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3...
Huawei EulerOS: Security Advisory for gstreamer1-plugins-base (EulerOS-SA-2025-1264)
The remote host is missing an update for the Huawei EulerOS...