WordPress Juno Theme <= 2.19 is vulnerable to Local File Inclusion

Software Juno Type Theme Vulnerable versions = 2.19 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1d4e77af675c Credits Bonds Required privilege Unauthenticated Published 8...

[SECURITY] [DLA 4293-1] wireless-regdb new upstream version

Debian LTS Advisory DLA-4293-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings September 06, 2025 https://wiki.debian.org/LTS Package : wireless-regdb Version : 2025.07.10-1deb11u1 This update includes the changes in wireless-regdb 2025.07.10, reflecting changes to...

Malicious code in moodle-core_filepicker (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 949643a56d52397b063c5839facff57f6727e833e3f48ffaa24500c64ac29d53 Any computer that has this package installed or running should be considered...

Linux Distros Unpatched Vulnerability : CVE-2022-21713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle use...

Moderate: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.19.10 packages update

Red Hat OpenShift Container Platform release 4.19.10 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Linux Distros Unpatched Vulnerability : CVE-2022-31061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected version...

Linux Distros Unpatched Vulnerability : CVE-2022-31056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected version...

PT-2025-35409

Name of the Vulnerable Software and Affected Versions: givanz Vvveb version 1.0.7.2 Description: A security vulnerability exists in givanz Vvveb 1.0.7.2, affecting an unknown part of the app/template/user/login.tpl file. Manipulation of the Email/Password argument can lead to cross-site scripting...

Linux Distros Unpatched Vulnerability : CVE-2025-9157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c o...

CVE-2025-58059

Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process-definitions could gain access to sensitive data or resources. This includes but is not limited to:...

Linux Distros Unpatched Vulnerability : CVE-2022-23481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of...

PT-2025-35122

Name of the Vulnerable Software and Affected Versions Valtimo versions prior to 12.16.0 Valtimo versions 13.0.0 through 13.1.1 Description Valtimo is a platform for Business Process Automation. Administrators with the ability to create, modify, and execute process definitions could gain access to...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.57 security and extras update

Red Hat OpenShift Container Platform release 4.15.57 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...

Linux Distros Unpatched Vulnerability : CVE-2022-23493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of...

Google Chrome Security Update (stable-channel-update-for-desktop_26-2025-08) - Windows

Google Chrome is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

Linux Distros Unpatched Vulnerability : CVE-2023-1452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality ...

Linux Distros Unpatched Vulnerability : CVE-2022-21704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are...

Linux Distros Unpatched Vulnerability : CVE-2024-24750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Undici is an HTTP/1.1 client, written from scratch for Node.js. In affected versions calling fetchurl and not consuming the incoming body or consuming it very...

Linux Distros Unpatched Vulnerability : CVE-2022-39318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in urbdrc channel. A malicious server c...

CVE-2025-9405

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...