openSUSE: Security Advisory for the Linux Kernel (Live Patch 26 for SLE 15 SP4) (SUSE-SU-2025:0264-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 47 for SLE 15 SP3) (SUSE-SU-2025:0245-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0263-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2025-0027)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5851-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-28766 IBM Security Directory Integrator information disclosure

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system...

InnoShop 安全漏洞

InnoShop is an open source e-commerce system based on Laravel 11 by InnoShop Open Source. A security vulnerability exists in InnoShop V.0.3.8 and earlier versions, which stems from vulnerability to cross-site scripting XSS attacks via SVG file upload...

LunaSVG 安全漏洞

LunaSVG is a standalone C SVG rendering library. A security vulnerability exists in LunaSVG, which stems from the inclusion of a segmentation violation found via the component compositionsourceover. No detailed vulnerability details are provided at this time...

PT-2025-5646 · Asteval · Asteval

Name of the Vulnerable Software and Affected Versions: asteval affected versions not specified Description: The issue arises from how asteval performs attribute access verification, specifically in the on attribute node handler. This handler prevents access to attributes that are either present i...

CVE-2024-13360

The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.8.96 via the wpaicgtroubleshootaddvector. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to...

kernel: arm64/sve: Discard stale CPU state when handling SVE traps

In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIFSVE set and TIFFOREIGNFPSTATE...

PT-2025-2132 · WordPress · Ai Power: Complete Ai Pack

Name of the Vulnerable Software and Affected Versions: AI Power: Complete AI Pack plugin for WordPress versions up to, and including, 1.8.96 Description: The issue allows authenticated attackers with subscriber-level access and above to make web requests to arbitrary locations originating from th...

Oracle MySQL Server 8.0 - 8.0.39, 8.4 - 8.4.2, 9.0 - 9.0.1 Security Update (cpujan2025) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system allows a intruder to trigger a service failure.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to integer overflow when processing values of cid. Exploiting this vulnerability can allow an attacker to cause a service failure...

Oracle MySQL Server 安全漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. Oracle MySQL has a security vulnerability in MySQL Server. An attacker can exploit the vulnerability to read a subset of MySQL Server accessible data...

XWiki 6.3-milestone-2 < 13.10.5, 14.0 (14.0-rc-1) < 14.3 SQLi Vulnerability (GHSA-wh34-m772-5398)

Xwiki is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescriptio...

Debian: Security Advisory (DLA-4024-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-21651

In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: 16.324639 Call trace:...

SUSE CVE-2025-21651

In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: 16.324639 Call trace:...

CVE-2025-21651

In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: 16.324639 Call trace:...