22 matches found
EUVD-2026-22229
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache PDFBox Examples. This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.36, from 3.0.0 through 3.0.7. Users are recommended to update to version 2.0.37 or...
telnetd argument injection vulnerability
Added: 01/26/2026. Background: The Telnet service allows remote users to authenticate to a system and use an interactive command shell. The Telnet service is implemented by the Telnet daemon, telnetd. Problem: The telnetd program included in GNU Inetutils allows authentication to be bypassed with a ...
PT-2025-44659
Name of the Vulnerable Software and Affected Versions: Totolink LR350 version 9.3.5u.6369 B20220309 Description: The software contains a stack overflow issue via the wifiOff parameter in the sub 4232EC function. This allows attackers to cause a Denial of Service (DoS) through a crafted request...
Fedora: Security Advisory (FEDORA-2025-dbb980101e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-e1bb9ed986)
The remote host is missing an update for the...
Mozilla Thunderbird Security Update (mfsa_2025-41) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. CPE = "cpe:/a:mozilla:thunderbird";...
Nextcloud Server Session Handling Vulnerability (GHSA-9h3w-f3h4-qqrh)
Nextcloud Server is prone to a session handling vulnerability. CPE =...
Debian: Security Advisory (DLA-4127-1)
The remote host is missing an update for the Debian...
WordPress Testimonial Slider and Showcase Pro plugin <= 2.3.15 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Testimonial Slider And Showcase Pro versions <= 2.3.15...
Azure Linux 3.0 Security Update: kernel (CVE-2024-44989)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44989 advisory. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer...
Debian: Security Advisory (DSA-5859-1)
The remote host is missing an update for the Debian...
WordPress ProfilePress Plugin < 4.15.9 XSS Vulnerability
The WordPress plugin CPE = "cpe:/a:properfraction:profilepress"; if description...
PT-2025-2519 · Marsian · Marsian I-Amaze
Name of the Vulnerable Software and Affected Versions: Marsian i-amaze versions 1.3.7 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by tricking the user into...
PT-2024-35822 · Unknown · Simple Travel Map
Name of the Vulnerable Software and Affected Versions: Simple Travel Map versions n/a through 0.1 Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
PT-2024-34987 · Unknown · Umar Social Locker
Name of the Vulnerable Software and Affected Versions: Umar Social Locker versions n/a through 1.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows Stored XSS. This means that an attacker can injec...
PT-2024-29638 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.5.x through 9.5.6 Mattermost versions 9.9.x through 9.9.0 Description: The issue allows a malicious remote to set arbitrary RemoteId values for synced users, which can lead to claiming that a user was synced from another...
PT-2024-1535 · Oracle · Oracle E-Business Suite
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue exists due to insufficient input validation in the Setup, Admin component of the Oracle Knowledge Management system. This can allow a remote attacker to gain read,...
PT-2020-11909 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.6 through 12.8.1 Description: The issue allows information disclosure by sending a specially crafted request to the "vulnerability feedback" endpoint, potentially exposing a private project namespace. Recommendations: Fo...
WordPress Plugin My Category Order <= 2.8 - SQL Injection Vulnerability
No description provided by source. Source: WordPress Plugin: My Category Order <= 2.8 mycategoryorder.php / SQL Injection Vulnerability Download: http://wordpress.org/extend/plugins/my-category-order/ No Dork Author: ManhLuat93 at hcegroupdotnet Errors appear only when you have admin control Open...
Fedora 11 : samba-3.4.5-0.47.fc11 (2010-1190)
Tue Jan 26 2010 Guenther Deschner - 3.4.5-0.47 - Security Release, fixes CVE-2009-3297 - resolves: 532940 - Tue Jan 19 2010 Guenther Deschner - 3.4.5-0.46 - Update to 3.4.5 - Thu Jan 7 2010 Guenther Deschner - 3.4.4-0.45 - Update to 3.4.4 - Thu Oct 29 2009 Guenther Deschner - 3.4.3-0.44 - Update...