Ubuntu: Security Advisory (USN-7339-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7332-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding

The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to...

CVE-2025-24055

CVE-2025-24055 is a Windows USB Video Driver vulnerability described as an out-of-bounds read that could allow an authorized attacker to disclose information with a physical attack. The CVSSv3.1 base score is 4.3 (Medium), with privileges required as Low, attack vector Physical, and impact restri...

Microsoft Streaming Service 安全漏洞

Microsoft Streaming Service is a video platform from Microsoft Corporation USA. A security vulnerability exists in Microsoft Streaming Service. An attacker could exploit the vulnerability to elevate privileges. The following products and editions are affected:Windows 10 Version 1809 for 32-bit...

Microsoft Visual Studio 代码问题漏洞

Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete development toolset that includes most of the tools needed throughout the software life cycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio, which can be exploited by...

CVE-2024-13805

The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.2.14 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-12809

CVE-2024-12809 affects the Wishlist WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s wishlist_button shortcode, present in all versions up to and including 1.0.43. The root cause is insufficient input sanitization and output escaping on user-supplied attr...

Esri ArcGIS Server Cross-Site Scripting Vulnerability (CNVD-2025-05059)

Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.9.1 through 11.3, which can be exploited by an attacker to create a specially crafted link that, when clicked, m...

Ubuntu: Security Advisory (USN-7330-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PublicCMS 代码问题漏洞

PublicCMS is an open source content management system CMS written in Java language by PublicCMS China. A security vulnerability exists in PublicCMS version v4.0.202406, which originates from the /cms/CmsWebFileAdminController.java component that allows the upload of specially crafted svg or xml...

Slackware: Security Advisory (SSA:2025-064-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2024-1023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP...

Linux Distros Unpatched Vulnerability : CVE-2023-5732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects...

Linux Distros Unpatched Vulnerability : CVE-2019-15031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the...

Linux Distros Unpatched Vulnerability : CVE-2019-15030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exceptio...

Linux Distros Unpatched Vulnerability : CVE-2017-5897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ip6greerr function in net/ipv6/ip6gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6...

Linux Distros Unpatched Vulnerability : CVE-2019-1010204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The...