Lucene search
K

689 matches found

OSV
OSV
added 2025/05/01 6:15 p.m.5 views

CVE-2025-32884

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...

6.5CVSS5.8AI score0.00137EPSS
Exploits0References2
OSV
OSV
added 2025/05/01 6:15 p.m.4 views

CVE-2025-32887

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency hopping...

6.5CVSS5.8AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2025/05/01 6:15 p.m.7 views

CVE-2025-32881

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...

6.5CVSS0.00137EPSS
Exploits0References2
CVE
CVE
added 2025/05/01 12:0 a.m.52 views

CVE-2025-32881

The CVE-2025-32881 entry concerns goTenna v1 devices with app 5.5.3 and firmware 0.25.5, where the GID default is the user’s phone number unless opted out. The issue is that the GID is not encrypted in messages, creating a potential privacy risk since a phone number can be linked to individuals. ...

6.5CVSS6.7AI score0.00137EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/04/30 12:0 a.m.9 views

Fedora 41 : digikam (2025-5bbbb2df79)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5bbbb2df79 advisory. update internal Libraw to 2025/03/17 snapshot Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

9.8CVSS6.2AI score0.00367EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/04/30 12:0 a.m.17 views

Fedora 41 : mingw-LibRaw (2025-e7dea91428)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e7dea91428 advisory. Update to LibRaw 0.21.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

9.8CVSS6.2AI score0.00367EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.25 views

Oracle Linux 9 : glibc (ELSA-2025-4244)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4244 advisory. 2.34-125.0.1.8 - Forward-port Oracle patches for ol9-u5 glibc-2.34-125.0.1.8 Reviewed by: David Faust Oracle history: Tenable has extracted the preceding...

6.2CVSS6.6AI score0.00349EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.8 views

openSUSE 15 Security Update : rubygem-rexml (openSUSE-SU-2025:0129-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0129-1 advisory. rubygem-rexml was updated to 3.3.9: - fixes CVE-2024-49761, CVE-2024-43398, CVE-2024-41946, CVE-2024-41123, CVE-2024-39908, CVE-2024-35176 -...

8.7CVSS7.1AI score0.02064EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.13 views

FreeBSD : chromium -- multiple security fixes (bf5d29ea-1a93-11f0-8cb5-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bf5d29ea-1a93-11f0-8cb5-a8a1599412c6 advisory. Chrome Releases reports: This update includes 2 security fixes: Tenable has extracted the...

8.8CVSS7.9AI score0.00366EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.11 views

Fedora 41 : golang (2025-77ace1a41b)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-77ace1a41b advisory. Includes security fixes to the net/http package, as well as bug fixes to the runtime and the go command. Full changelog. Tenable has extracted the...

9.1CVSS7.3AI score0.01001EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2025/04/11 12:0 a.m.4 views

CVE-2025-32367

The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions...

8.6CVSS8.7AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.5 views

Moodle 3.11.x < 3.11.16 phpCAS Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16 or 4.0.x prior to 4.0.10. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue. Note that the...

8CVSS7.4AI score0.01064EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.13 views

Moodle < 3.9.21 SQL injection

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.21, 3.11.x prior to 3.11.14, 4.0.x prior to 4.0.8 or 4.1.x prior to 4.1.3. It is, therefore, affected by a limited SQL injection in functionality used by the Wiki activity when listing pages. Note...

7.3CVSS8.3AI score0.01142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.14 views

Azure Linux 3.0 Security Update: libreswan (CVE-2023-30570)

The version of libreswan installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-30570 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via...

7.5CVSS6.8AI score0.01175EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/29 12:0 a.m.15 views

CBL Mariner 2.0 Security Update: pytorch (CVE-2024-31580)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31580 advisory. - PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component...

4CVSS5.5AI score0.00223EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/28 11:34 a.m.14 views

CVE-2025-1542

Improper permission control vulnerability in the OXARI ServiceDesk application could allow an attacker using a guest access or an unprivileged account to gain additional administrative permissions in the application.This issue affects OXARI ServiceDesk in versions before 2.0.324.0...

9.3CVSS7.4AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 11:40 a.m.7 views

CVE-2024-11171

In danny-avila/librechat version git 0c2a583, there is an improper input validation vulnerability. The application uses multer middleware for handling multipart file uploads. When using in-memory storage the default setting for multer, there is no limit on the upload file size. This can lead to a...

7.5CVSS6.7AI score0.00761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-56715)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56715 advisory. - In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on...

5.5CVSS6AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2025/03/18 6:53 p.m.11 views

CVE-2025-29930 imFAQ allows local file inclusion in seo.php

imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...

6.9CVSS6.6AI score0.00355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/14 12:0 a.m.11 views

Fedora 40 : thunderbird (2025-4b50cd66a5)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4b50cd66a5 advisory. Update to 128.8.0 https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/...

8.8CVSS6.6AI score0.00519EPSS
Exploits1References13
Rows per page
Query Builder