8295 matches found
Security Bulletin: NVIDIA HGX and DGX VBIOS and LS10 - September 2025
NVIDIA has released a software update for NVIDIA® DGX and HGX vBIOS and LS10 to address the security issues described below. To protect your system, download and install the latest update from the NVIDIA Developer Tools page. Go to NVIDIA Product Security. Details This section provides a summary ...
CVE-2025-9500
The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcodedebug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2025-7426
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...
CVE-2025-9500
The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcodedebug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2025-9500 TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter
The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcodedebug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2025-9500 TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter
The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcodedebug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:03023-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03023-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were...
PT-2025-35345
Name of the Vulnerable Software and Affected Versions: TablePress versions prior to 3.3 Description: The TablePress plugin for WordPress is susceptible to Stored Cross-Site Scripting via the shortcode debug parameter due to insufficient input sanitization and output escaping. This allows...
Linux Distros Unpatched Vulnerability : CVE-2020-7237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti 1.2.8 allows Remote Code Execution by privileged users via shell metacharacters in the Performance Boost Debug Log field of pollerautomation.php. OS...
U.S. Dept Of Defense: Information Disclosure via Publicly Accessible Debug Log
A publicly accessible WordPress debug log file was discovered on the target system. The log file contained PHP warnings and deprecated notices that disclosed sensitive server paths and plugin details. This exposure may have assisted an attacker in fingerprinting the environment or exploiting know...
Linux Distros Unpatched Vulnerability : CVE-2020-16269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the...
GHSA-FQQ6-7VQF-W3FG Picklescan is missing detection when calling built-in python doctest.debug_script
Summary Using doctest.debugscript function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to doctest.debugscript function in reduce method Then when the victim...
CVE-2025-25736
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge ADB pre-installed /mnt/c3platpersistent/opt/platform-tools/adb and enabled by default, allowing unauthenticated root shell access to the cellular modem via the...
CVE-2025-25736
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge ADB pre-installed /mnt/c3platpersistent/opt/platform-tools/adb and enabled by default, allowing unauthenticated root shell access to the cellular modem via the...
Kapsch TrafficCom RIS-9260 RSU LEO 安全漏洞
The Kapsch TrafficCom RIS-9260 RSU LEO is a road measurement unit from Kapsch TrafficCom, Austria, with functions for communication and co-management of the vehicle network in intelligent transportation. A security vulnerability exists in the Kapsch TrafficCom RIS-9260 RSU LEO versions...
CVE-2025-25736
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge ADB pre-installed /mnt/c3platpersistent/opt/platform-tools/adb and enabled by default, allowing unauthenticated root shell access to the cellular modem via the...
CVE-2025-25736
Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge ADB pre-installed /mnt/c3platpersistent/opt/platform-tools/adb and enabled by default, allowing unauthenticated root shell access to the cellular modem via the...
PT-2025-34784 · Google +1 · Android Debug Bridge +1
Name of the Vulnerable Software and Affected Versions: Kapsch TrafficCom RIS-9260 RSU LEO versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 Description: The Kapsch TrafficCom RIS-9260 RSU LEO software has the Android Debug Bridge ADB pre-installed and enabled by default. This allows...
CVE-2025-25736
The CVE-2025-25736 entry affects Kapsch TrafficCom RIS-9260 RSU LEO software versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28. The root cause is pre-installed and enabled Android Debug Bridge (ADB) at /mnt/c3platpersistent/opt/platform-tools/adb, allowing unauthenticated root shell access ...
SUSE-SU-2025:20602-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when...