CVE-2025-9405 Open5GS gmm-sm.c gmm_state_exception assertion

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmmstateexception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be...

CVE-2025-9397

A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public...

CVE-2025-9397 givanz Vvveb media.php unrestricted upload

A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public...

CVE-2025-9385

A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fixipv6checksums of the file editpacket.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used...

PT-2025-34575 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A weakness exists in givanz Vvveb that allows for unrestricted file upload. The issue is located in an unknown function within the /system/traits/media.php file. Manipulation of the files...

SUSE CVE-2025-9300

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...

CVE-2025-9301

CVE-2025-9301 affects cmake 4.1.20250725-gb5cce23. The issue is in cmForEachFunctionBlocker::ReplayItems (cmForEachCommand.cxx), allowing a locally launched attacker to trigger a reachable assertion. A public exploit has been disclosed. Patch: 37e27f71bc356d880c908040cd0cb68fa2c371b8. Affected ad...

CVE-2025-9300

CVE-2025-9300 affects libsixel (saitoha/libsixel) up to 1.10.3. The vuln targets the function sixel_debug_print_palette in src/encoder.c (img2sixel) and causes a stack-based buffer overflow. Successful exploitation requires local access; public exploit is available. The patch is identified by com...

TencentOS Server 3: python3.12-setuptools (TSSA-2025:0686)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0686 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Spring Framework 5.3.x < 5.3.44 / 6.1.x < 6.1.22 / 6.2.x < 6.2.10 Path Traversal (CVE-2025-41242)

The version of Spring Framework installed on the remote host is 5.3.x prior to 5.3.44, 6.1.x prior to 6.1.22, or 6.2.x prior to 6.2.810. It is, therefore, affected by a path traversal vulnerability: - Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when...

SUSE CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

JVN#76729865: Multiple vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Use of less trusted source（CWE-348） CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2025-53522 Open...

CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157 appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

CVE-2025-9157 appneta tcpreplay tcprewrite edit_packet.c untrunc_packet use after free

A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untruncpacket of the file src/tcpedit/editpacket.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The...

[SECURITY] [DLA 4275-1] openjdk-17 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4275-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 19, 2025 https://wiki.debian.org/LTS -...

Important: kernel-livepatch-4.14.355-280.652

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-4.14.355-280.652 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Linux Distros Unpatched Vulnerability : CVE-2022-20565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in Linux Kernel Operating System affected version unknown. Affected by this vulnerability is some unknown...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectati...