
6653 matches found

Positive Technologies
added 2025/07/04 12:0 a.m. · 3 views

PT-2025-27890 · Unknown · Gopiplus Card Flip Image Slideshow

Name of the Vulnerable Software and Affected Versions: gopiplus Card flip image slideshow versions 1.5 and earlier. Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting (XSS). This means that an attacker cou...

CVSS 6.5 · AI score 5.4 · EPSS 0.00143
Exploits: 0 · References: 3

Vulnrichment
added 2025/07/02 8:31 a.m. · 3 views

CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

AI score 6.2 · EPSS 0.00073
Exploits: 0 · References: 1

Tenable Nessus
added 2025/07/02 12:0 a.m. · 2 views

RHEL 7 : glibc (RHSA-2025:10220)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10220 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cach...

CVSS 7.8 · AI score 7.1 · EPSS 0.00043
Exploits: 1 · References: 5

Tenable Nessus
added 2025/07/01 12:0 a.m. · 1 views

Photon OS 5.0: Yajl PHSA-2025-5.0-0541

An update of the yajl package has been released. %NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0541. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...

CVSS 7.5 · AI score 7.1 · EPSS 0.01863
Exploits: 1 · References: 2

Tenable Nessus
added 2025/07/01 12:0 a.m. · 3 views

RHEL 9 : mod_proxy_cluster (RHSA-2025:9997)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9997 advisory. The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: mod_proxy_cluster:...

CVSS 5.4 · AI score 5.8 · EPSS 0.00126
Exploits: 0 · References: 6

Positive Technologies
added 2025/06/27 12:0 a.m. · 2 views

PT-2025-27243 · Realtek · Realtek Rtl8762E Ble Sdk

Name of the Vulnerable Software and Affected Versions: Realtek RTL8762E BLE SDK version 1.4.0. Description: The issue in the Bluetooth Low Energy (BLE) stack allows attackers within Bluetooth range to cause a Denial of Service (DoS) via sending a specific sequence of crafted control packets...

CVSS 7.5 · AI score 7.2 · EPSS 0.00119
Exploits: 0 · References: 7

Fedora
added 2025/06/25 1:43 a.m. · 5 views

[SECURITY] Fedora 41 Update: libtpms-0.9.7-1.fc41

A library providing TPM functionality for VMs. Targeted for integration into Qemu...

CVSS 5.9 · AI score 7.4 · EPSS 0.00096
Exploits: 0

Tenable Nessus
added 2025/06/25 12:0 a.m. · 1 views

RHEL 9 : mod_proxy_cluster (RHSA-2025:9434)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9434 advisory. The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: mod_proxy_cluster:...

CVSS 5.4 · AI score 5.8 · EPSS 0.00126
Exploits: 0 · References: 6

Fedora
added 2025/06/24 1:45 a.m. · 5 views

[SECURITY] Fedora 42 Update: glibc-2.41-7.fc42

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

CVSS 5.6 · AI score 7.3 · EPSS 0.00291
Exploits: 0

RedHat Linux
added 2025/06/24 1:39 a.m. · 2 views

Moderate: Red Hat Security Advisory: mod_proxy_cluster security update

An update for mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 5.4 · AI score 6.1 · EPSS 0.00126
Exploits: 0 · References: 3

Positive Technologies
added 2025/06/24 12:0 a.m. · 4 views

PT-2025-26755 · Unknown · Phpgurukul Hospital Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System version 4.0 Description: A critical issue has been found in the PHPGurukul Hospital Management System, affecting some unknown functionality of the file /doctor/search.php. The manipulation of the searchda...

CVSS 8.8 · AI score 6.7 · EPSS 0.00197
Exploits: 1 · References: 9

AlmaLinux
added 2025/06/24 12:0 a.m. · 2 views

Moderate: mod_proxy_cluster security update

The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests (CVE-2024-10306). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

CVSS 5.4 · AI score 5.4 · EPSS 0.00126
Exploits: 0 · References: 4

OSV
added 2025/06/24 12:0 a.m. · 4 views

ALSA-2025:9434 Moderate: mod_proxy_cluster security update

The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fixes: mod_proxy_cluster: mod_proxy_cluster unauthorized MCMP requests (CVE-2024-10306). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

CVSS 5.4 · AI score 5.4 · EPSS 0.00126
Exploits: 0 · References: 4

RedhatCVE
added 2025/06/23 8:39 a.m. · 5 views

CVE-2025-6310

A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Message leads to sql injection. The attack may be launched remotely...

CVSS 9.8 · AI score 7.7 · EPSS 0.00204
Exploits: 1 · References: 1

OSV
added 2025/06/22 2:15 p.m. · 1 views

CVE-2025-6478

A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely...

CVSS 5.3 · AI score 4.7
Exploits: 0 · References: 4

Fedora
added 2025/06/21 1:28 a.m. · 6 views

[SECURITY] Fedora 42 Update: libblockdev-3.3.1-1.fc42

The libblockdev is a C library with GObject introspection support that can be used for doing low-level operations with block devices like setting up LVM, BTRFS, LUKS or MD RAID. The library uses plugins (LVM, BTRFS,...) and serves as a thin wrapper around its plugins' functionality. All the plugins...

CVSS 7 · AI score 7.2 · EPSS 0.00031
Exploits: 18

Positive Technologies
added 2025/06/21 12:0 a.m. · 2 views

PT-2025-26521 · Unknown · Simple Online Hotel Reservation System

Name of the Vulnerable Software and Affected Versions: Simple Online Hotel Reservation System version 1.0 Description: A critical issue was found in the Simple Online Hotel Reservation System, affecting some unknown functionality of the file /admin/edit query account.php. The manipulation of the...

CVSS 9.8 · AI score 7.5 · EPSS 0.00204
Exploits: 1 · References: 11

CVE
added 2025/06/20 3:4 p.m. · 11 views

CVE-2025-49986

CVE-2025-49986 is a Missing Authorization vulnerability in the WordPress Video List Manager plugin (versions

CVSS 5.3 · AI score 5.9 · EPSS 0.00229
Exploits: 0 · References: 1

ATTACKERKB
added 2025/06/20 3:4 p.m. · 2 views

CVE-2025-49991

Missing Authorization vulnerability in tggfref WP-Recall allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP-Recall: from n/a through 16.26.14...

CVSS 5.3 · AI score 5.2 · EPSS 0.00314
Exploits: 0 · References: 3

Cvelist
added 2025/06/20 3:4 p.m. · 18 views

CVE-2025-49997 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.18 - Broken Access Control + CSRF Vulnerability

Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress rafflepress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Giveaways and Contests by RafflePress: from n/a through <= 1.12.18...

CVSS 5.3 · EPSS 0.00229
Exploits: 0 · References: 1