CISA Software Acquisition Guide Supplier Response Web Tool XSS

RISK EVALUATION The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The...

Exploit for CVE-2025-66478

Next.js CVE Auto-Patcher Automation tool written in Go to sca...

GHSA-9GQJ-5W7C-VX47 Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the sandbox policy did not configure any allowed domains. This could allow sandboxed code to make network requests outside of the sandbox. A patch for this was released in v0.0.16. Thank you to...

PT-2025-48646

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'query' parameter in all versions up to, and including, 3.11.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2025-66036 Retro is vulnerable to XSS vulnerability in input handling component

Retro is an online platform providing items of vintage collections. Prior to version 2.4.7, Retro is vulnerable to a cross-site scripting XSS in the input handling component. This issue has been patched in version 2.4.7...

EUVD-2025-199639

The Primakon Pi Portal 1.0.18 API /api/V2/ppudfvadmin endpoint, fails to perform necessary server-side validation. The administrative LoginAs or user impersonation feature is vulnerable to a access control failure. This flaw allows any authenticated low-privileged user to execute a direct PATCH...

PT-2025-48086

Name of the Vulnerable Software and Affected Versions: GeoServer versions 2.26.0 through 2.26.1 and versions prior to 2.25.6 Description: GeoServer is an open-source server for sharing and editing geospatial data. A vulnerability exists due to improper restriction of XML external entity reference...

new-api is vulnerable to SSRF Bypass

Summary A recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applies security restrictions to the first URL request, a 302 redirect can bypass existing security measures and successful...

CVE-2025-62609

MLX (on Apple silicon) prior to version 0.29.4 is affected by a wild pointer dereference in mlx::core::load_gguf() when loading malicious GGUF files, dereferencing an untrusted pointer from gguflib without validation and causing a crash. The issue stems from loading external GGUF data and manifes...

CVE-2025-65029

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference IDOR vulnerability allows any authenticated user to delete arbitrary participants from polls without ownership verification. The endpoint relies solely on a participant ID to...

CVE-2025-64524 CUPS rastertopclx Filter Vulnerable to Heap Buffer Overflow Leading to Potential Arbitrary Code Execution

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault...

PT-2025-47563

Name of the Vulnerable Software and Affected Versions RomM versions prior to 4.4.1 RomM version 4.4.1-beta.2 Description RomM allows users to scan, enrich, browse, and play their game collections. The software contains multiple unrestricted file upload flaws that permit authenticated users to...

TencentOS Server 2: webkitgtk4 (TSSA-2025:0554)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0554 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVE-2025-65021 Rallly Has Unauthorized Poll Finalization via Insecure Direct Object Reference (IDOR)

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference IDOR vulnerability exists in the poll finalization feature of the application. Any authenticated user can finalize a poll they do not own by manipulating the pollId parameter in...

CLSA-2025-1762957887 perl-App-cpanminus: Fix of CVE-2024-45321

CVE-2024-45321: patch the code to use https instead of http...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2415)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-12405 Unauthorized access through stored credentials in Looker Studio

An improper privilege management vulnerability was found in Looker Studio. It impacted all JDBC-based connectors. A Looker Studio user with report view access could make a copy of the report and execute arbitrary SQL that would run on the data source database due to the stored credentials attache...

Fedora 43 : mupen64plus (2025-123e2abe71)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-123e2abe71 advisory. Patch CVE-2025-29366 and CVE-2025-29366 There should be no change in behaviour. Tenable has extracted the preceding description block directly from the Fedor...

RHSA-2025:19793 Red Hat Security Advisory: bind9.16 security update

Bulletin has no description...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988948 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at t...