Linux Distros Unpatched Vulnerability : CVE-2022-50857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevic...

[SECURITY] Fedora 42 Update: nginx-mod-naxsi-1.6-12.fc42

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

[SECURITY] Fedora 42 Update: nginx-mod-modsecurity-1.0.4-5.fc42

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 42 Update: nginx-mod-brotli-1.0.0~rc-4.fc42

NGINX module for Brotli compression...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. Code-Projects Online Product Reservation System version 1.0 has a SQL injection vulnerability, which originates from the incorrect operation of the parameter cat/price/name/model/seri...

CVE-2025-15438

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

[SECURITY] Fedora 43 Update: nginx-mod-modsecurity-1.0.4-5.fc43

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 43 Update: nginx-mod-brotli-1.0.0~rc-4.fc43

NGINX module for Brotli compression...

[SECURITY] Fedora 43 Update: nginx-mod-fancyindex-0.5.2-13.fc43

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-12.fc43

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

EUVD-2026-0753

libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly used integration of libtpms with OpenSSL 3.x contained a vulnerability related to the returned IV initialization vector when certain symmetric ciphers were used...

CVE-2025-15438

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

UBUNTU-CVE-2025-15438

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

CVE-2025-15438 PluXml Media Management medias.php __destruct deserialization

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

CVE-2025-61594

A flaw was found in the URI module. A remote attacker could exploit this vulnerability by using the + operator to combine Uniform Resource Identifiers URIs. This bypasses a previous fix and can lead to the leakage of sensitive information, such as user credentials passwords, from the original URI...

libtpms 安全特征问题漏洞

libtpms is a software emulation of a Trusted Platform module by the individual developer Stefan Berger. A security signature issue vulnerability exists in libtpms versions 0.10.0 and 0.10.1, which stems from improperly returning initialization vectors, which could weaken subsequent encryption and...

PluXml 代码问题漏洞

PluXml is a free open source content management system from PluXml Open Source that does not require a database to work. A code issue vulnerability exists in PluXml 5.8.22 and earlier versions, which stems from incorrect manipulation of the parameter File within the file core/admin/medias.php in...

Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8aa169ea14)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8aa169ea14 advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

CVE-2025-15374

A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. Performing a manipulation of the argument content results in cross site scripting. The attack can be initiated remotely. The...

Exploit for Path Traversal in Huawei Hg255S-10_Firmware

Huawei HG255 Directory Traversal Exploit CVE-2017-17309 Thi...