5124 matches found

OSV
added 2025/10/27 8:22 p.m., 4 views

CLSA-2025-1761596531 Update of microcode_ctl

Update version - Drop releasenote.md file...

AI score 5.8
Exploits: 0, References: 1

SUSE Linux
added 2025/10/27 7:58 a.m., 3 views

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20251023T162509 2025-10-23T16:25:09Z jscPED-11136. Go CVE Numbering Authority IDs added or updated with aliases: GO-2025-3979 CVE-2025-59824 GHSA-hqrf-67pm-wgfq GO-2025-3981 CVE-2025-59823 GHSA-227x-7mh8-3cf6...

CVSS 9.9, AI score 7, EPSS 0.02829
Exploits: 11, References: 2

Positive Technologies
added 2025/10/27 12:00 a.m., 4 views

PT-2025-43878

Name of the Vulnerable Software and Affected Versions Iqbolshoh php-business-website versions prior to 10677743a8dfc281f85291a27cf63a0bce043c24 Description A cross-site scripting issue exists in Iqbolshoh php-business-website. The issue is located in the admin/contact.php file, where manipulation...

CVSS 5.1, AI score 5.5, EPSS 0.00227
Exploits: 0, References: 8

Positive Technologies
added 2025/10/27 12:00 a.m., 6 views

PT-2025-43903

Name of the Vulnerable Software and Affected Versions chatwoot versions up to 4.7.0 Description A security flaw exists in chatwoot affecting the Admin Interface component, specifically within the app/javascript/shared/components/IframeLoader.vue file. Manipulation of the Link argument can lead to...

CVSS 6.1, AI score 5.1, EPSS 0.00367
Exploits: 1, References: 9

Amazon
added 2025/10/27 12:00 a.m., 5 views

Medium: python3.11

Issue Overview: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be...

CVSS 4.3, AI score 6.7, EPSS 0.00345
Exploits: 0

Positive Technologies
added 2025/10/22 12:00 a.m., 3 views

PT-2025-43168

Name of the Vulnerable Software and Affected Versions Themefic Hydra Booking versions through 1.1.9 Description A missing authorization issue exists in Themefic Hydra Booking, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Themefic Hydra...

CVSS 7.5, AI score 6.6, EPSS 0.00222
Exploits: 0, References: 4

Positive Technologies
added 2025/10/22 12:00 a.m., 7 views

PT-2025-43263

Name of the Vulnerable Software and Affected Versions WooCommerce Orders & Customers Exporter versions through 5.4 Description The software contains a missing authorization issue due to incorrectly configured access control security levels. This allows for exploitation of the access control...

CVSS 6.5, AI score 6.5, EPSS 0.00288
Exploits: 0, References: 4

OSV
added 2025/10/21 2:20 p.m., 3 views

CLSA-2025-1761056432 Update of libxslt

Bump version to 1.1.28-6.0.3.tuxcare.els1...

AI score 5.8
Exploits: 0, References: 1

Positive Technologies
added 2025/10/21 12:00 a.m., 5 views

PT-2025-42933

Name of the Vulnerable Software and Affected Versions Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9 through 8.0.8.7 Oracle Financial Services Analytical Applications Infrastructure version 8.1.2.5 Description An easily exploitable issue exists in the Oracle...

CVSS 6.4, AI score 5.9, EPSS 0.00219
Exploits: 0, References: 5

Tenable Nessus
added 2025/10/16 12:00 a.m., 4 views

Oracle Linux 8 : webkit2gtk3 (ELSA-2025-18070)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-18070 advisory. 2.50.1-1 - Update to 2.50.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVSS 9.8, AI score 7.7, EPSS 0.00718
Exploits: 0, References: 2

OSV
added 2025/10/14 4:37 a.m., 4 views

JLSEC-2025-39 Possible XSS in HTMLSanitizer when using svg elements

Description When adding the style tag to the whitelist, content inside the tag is incorrectly unescaped, and closing tags injected as content are interpreted as real HTML, enabling tag injection and JavaScript execution. This behavior is similar to the sanitization bypass described in CVE-2020-40...

CVSS 6.9, AI score 6.6, EPSS 0.00714
Exploits: 0

Amazon
added 2025/10/14 12:00 a.m., 6 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

CVSS 5.2, AI score 7, EPSS 0.00152
Exploits: 0

Cvelist
added 2025/10/13 5:29 p.m., 8 views

CVE-2025-61775 Vickey's unexpired email confirmation link can be reused to send repeated confirmation emails

Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...

CVSS 6.9, EPSS 0.00309
Exploits: 0, References: 1

Cvelist
added 2025/10/13 6:57 a.m., 8 views

CVE-2025-9265 API Authentication Bypass via Header Spoofing vulnerability in Kiloview NDI N30 Products

A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker to deactivate user verification, giving them access to state-changing actions that should only be initiated by administrators. This issue affects Kiloview NDI N30 and was fixed in Firmware version late...

CVSS 10, EPSS 0.0022
Exploits: 0, References: 1

OpenVAS
added 2025/10/13 12:00 a.m., 3 views

Fedora: Security Advisory (FEDORA-2025-0d898890e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 6.8, EPSS 0.00611
Exploits: 0, References: 5

Tenable Nessus
added 2025/10/12 12:00 a.m., 2 views

Fedora 42 : docker-buildx (2025-0aaef4df82)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0aaef4df82 advisory. - Update to release v0.29.1 - Upstream fixes ---- - Update to release v0.29.0 - Resolves: rhbz2397747, rhbz2398425, rhbz2398679, rhbz2399082,...

CVSS 6.5, AI score 7.4, EPSS 0.00489
Exploits: 1, References: 3

Tenable Nessus
added 2025/10/11 12:00 a.m., 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.25-openssl (SUSE-SU-2025:03525-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03525-1 advisory. Update to version 1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: - CVE-2025-47910:...

CVSS 5.4, AI score 8.1, EPSS 0.00308
Exploits: 0, References: 5

SUSE Linux
added 2025/10/10 10:33 a.m., 6 views

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches bsc1249141. Other issues fixed: go74822 cmd/go: "get...

CVSS 5.4, AI score 6.8, EPSS 0.00308
Exploits: 0, References: 8

Positive Technologies
added 2025/10/09 12:00 a.m., 5 views

PT-2025-41334

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow exists in Tenda AC7 routers. The issue is located in an unknown function within the /goform/saveAutoQos file. Exploitation occurs through manipulation of the enable...

CVSS 9, AI score 9.3, EPSS 0.00719
Exploits: 1, References: 12

Tenable Nessus
added 2025/10/08 12:00 a.m., 4 views

Fedora 42 : mod_http2 (2025-40b7d151db)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-40b7d151db advisory. - version update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVSS 7.5, AI score 7.3, EPSS 0.01149
Exploits: 0, References: 2