Linux Distros Unpatched Vulnerability : CVE-2025-12206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer...

PT-2025-43893

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...

PT-2025-43968

Name of the Vulnerable Software and Affected Versions Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System version 1.0 Description A flaw exists in the system that allows for cross site scripting. Manipulation of the category id argument in the file...

Linux Distros Unpatched Vulnerability : CVE-2025-40002

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Fix use-after-free in tbdpdprxwork The original code relies on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item...

Linux Distros Unpatched Vulnerability : CVE-2025-40020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN F...

Linux Distros Unpatched Vulnerability : CVE-2025-58148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can...

PT-2025-44004

Name of the Vulnerable Software and Affected Versions BLU-IC2 versions through 1.19.5 BLU-IC4 versions through 1.19.5 Description The software allows for the disclosure of email passwords. The issue affects Azure Access Tech BLU-IC2 and BLU-IC4. It is recommended to restrict access and enable...

Linux Distros Unpatched Vulnerability : CVE-2025-60360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit. CVE-2025-60360 Note that Nessus relies on the presence of the package as...

PT-2025-46556

Name of the Vulnerable Software and Affected Versions Ceph affected versions not specified Description A denial-of-service issue exists in Ceph’s RGW component due to improper input validation. Specifically, providing an empty string as the content for the x-amz-copy-source argument when putting ...

Linux Distros Unpatched Vulnerability : CVE-2025-62491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises...

WordPress External Login plugin <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test Connection vulnerability

Authenticated Subscriber+ Sensitive Data Exposure via Test Connection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin External Login versions = 1.11.2...

Linux Distros Unpatched Vulnerability : CVE-2018-1335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line o...

PT-2025-42477

Name of the Vulnerable Software and Affected Versions Webmin version 2.510 Description Webmin version 2.510 has a flaw in the password reset functionality forgot send.cgi. The reset link sent to users is created using the HTTP Host header through the get webmin email url function. An attacker can...

CVE-2025-61930 Emlog Pro has CSRF issue that Enables Admin Password Reset

Emlog is an open source website building system. Emlog Pro versions 2.5.19 and earlier are vulnerable to Cross‑Site Request Forgery CSRF on the password change endpoint. An attacker can trick a logged‑in administrator into submitting a crafted POST request to change the admin password without...

PT-2025-41311

Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A security flaw exists in PHPGurukul Beauty Parlour Management System 1.1. The issue involves SQL injection due to manipulation of the searchdata argument within an unknown...

Linux Distros Unpatched Vulnerability : CVE-2023-53517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: do not update mtu if msgmax is too small in mtu negotiation When doing link mtu negotiation, a malicious peer may send Activate msg with a very small mtu,...

Linux Distros Unpatched Vulnerability : CVE-2025-39923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is...

Linux Distros Unpatched Vulnerability : CVE-2022-50442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Validate buffer length while parsing index indxread is called when we have some NTFS directory operations that need more information from the index...

Linux Distros Unpatched Vulnerability : CVE-2025-39910

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory usin...

Linux Distros Unpatched Vulnerability : CVE-2023-53593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Release folio lock on fscache read hit. Under the current code, when cifsreadpageworker is called, the call contract is that the callee should unlock the...