1622 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor.
Linux Distros Unpatched Vulnerability : CVE-2026-41438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor.
CVE-2026-8580
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-6502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor.
Astra Linux - vulnerability in chromium
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...
Eaton End-of-Life Devices Detection
The current plugin identifies Eaton devices that are end-of-life, i.e., still supported but have a discontinued date announced. Eaton Lifecycle Statuses: - Active: Most current offering within a product category. - End of Life: Discontinued date announced - actively execute migrations and last ti...
CVE-2025-40540
A type confusion vulnerability exists in Serv-U which, when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...
CVE-2025-40541
An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U which, when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...
CVE-2025-40539
CVE-2025-40539 describes a type confusion vulnerability in SolarWinds Serv-U. The issue allows an attacker to execute arbitrary native code with privileged account privileges, requiring administrative privileges to exploit. The risk can be high in practice, and on Windows deployments the impact i...
CVE-2025-40538 SolarWinds Serv-U Broken Access Control Remote Code Execution Vulnerability
A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...
PT-2026-1142
Name of the Vulnerable Software and Affected Versions: Cloudflare affected versions not specified Description: A buffer overflow exists in a simulated API. The issue is identified with a hypothetical identifier. The risk assessment is medium overall, and mitigation is suggested with patches. The...
CVE-2025-40548
A missing validation process exists in Serv-U which, when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under...
CVE-2025-40547 SolarWinds Serv-U Logic Abuse - Remote Code Execution Vulnerability
A logic error vulnerability exists in Serv-U which, when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run...
PT-2025-47267
Name of the Vulnerable Software and Affected Versions: Serv-U versions 15.5.2 and prior; Serv-U versions prior to 15.5.3 Description: A logic error exists in Serv-U that, when exploited, could allow an attacker with administrative privileges to execute code. The issue requires administrative access ...
EUVD-2018-3238
Malware in sbrugna...
Advisory ROSA-SA-2025-3022
Software: libarchive 3.6.2 OS: ROSA-CHROME unaffected versions = libarchive-3.6.2-8 affected versions libarchive-3.6.2-8 CVE-ID: CVE-2025-5915 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in libarchive allows a buffer overflow to occur on the heap during filter processing, which could...
PT-2025-37084
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks affected versions not specified Description: The vulnerability involves the cleartext exposure of service account passwords. It is a medium-severity issue. Recommendations: At the moment, there is no information about a new...
WordPress Dokan Pro plugin <= 4.0.5 - Authenticated (Vendor+) Privilege Escalation vulnerability
Authenticated (Vendor+) Privilege Escalation vulnerability discovered by Foxyyy in WordPress Plugin Dokan Pro versions <= 4.0.5...
WordPress Forms <= 2.9.0 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by astra.r3verii in WordPress Plugin Forms versions <= 2.9.0...