110 matches found
Axios NPM Distribution Compromised in Supply Chain Attack
A compromised axios maintainer account led to malicious npm releases that propagated across environments. Learn how to assess impact, detect compromise, and secure your development workflows...
Mass FortiGate Symlink Bypass Scanner
FortiGate mass symlink bypass scanner that adds structured validation, impact assessment, and reporting logic. It first verifies whether the target actually appears to be a FortiGate device from Fortinet using fingerprinting heuristics, which reduces false positives. Instead of testing a single...
CVE-2025-0577
An insufficient entropy vulnerability was found in glibc. The getrandom and arc4random family of functions may return predictable randomness if these functions are called again after the fork, which happens concurrently with a call to any of these functions...
EUVD-2006-0285
Malware in sbrugna...
EUVD-2006-0286
Malware in sbrugna...
EUVD-2013-7122
Malware in sbrugna...
EUVD-2025-5883
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs/zmap.c: Fix incorrect offset calculation Effective offset to add to length was being incorrectly calculated, which resulted in iomap-length being set to 0...
CVE-2025-30758
...
CVE-2025-38264
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing. Mitigation Check if Kernel confi...
Wireshark Security Update (wnpa-sec-2023-22) - Linux
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
PT-2025-25191 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not available. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue wa...
Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Jun 2025)
Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PT-2025-23128 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a rejected CVE ID, which has been unused. No further details are provided about the nature of the issue or its potential impact. Recommendations: At the moment, there is n...
OpenSSL x509 Vulnerability (20250522) - Linux
OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...
CVE-2025-37895
No description is available for this CVE...
WordPress Cost Calculator for Elementor plugin <= 1.3.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Michael in WordPress Plugin Cost Calculator for Elementor versions = 1.3.3...
7-Zip Multiple Vulnerabilities (Apr 2025) - Windows
7zip is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:7-zip:7-zip"; ifdescription...
K000150938: Oracle MySQL vulnerabilities CVE-2025-30693 and CVE-2025-30703
Security Advisory Description CVE-2025-30693 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
Microsoft Office 2016 Elevation of Privilege Vulnerability (KB5002669)
This host is missing an important security update according to Microsoft KB5002669 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...