CVE-2025-64458

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence, django.http.HttpResponseRedirect, django.http.HttpResponsePermanentRedirect, and the shortcut django.shortcuts.redirect were subject to a...

[SECURITY] Fedora 43 Update: rust-collection_literals-1.0.3-1.fc43

Easy-to-use macros for initializing any collection...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990271 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed t...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989588 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in cephreaddir when notelastdentry returns error Reset the lastreaddir at t...

EUVD-2025-37834

EUVD-2025-37834...

EUVD-2025-37509

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently corrupt issue activity logs by submitting extremely long notes tested with 4,788,761 characters due to a lack of server-side validation of note length. Once such a note is added,...

CVE-2025-46556 MantisBT is Vulnerable to Denial-of-Service (DoS) attack via Excessive Note Length

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently corrupt issue activity logs by submitting extremely long notes tested with 4,788,761 characters due to a lack of server-side validation of note length. Once such a note is added,...

MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length

A lack of server-side validation for note length in MantisBT allows attackers to permanently corrupt issue activity logs by submitting extremely long notes tested with 4,788,761 characters. Once such a note is added: Impact - The entire activity stream becomes unviewable UI fails to render. - New...

MINI-RPG7-RX4V-299G

Bulletin has no description...

MINI-C694-RWH4-3XFG

Bulletin has no description...

FreeBSD : python 3.9 -- end of life, not receiving security support (77a0f93a-b71e-11f0-8d86-d7789240c8c2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 77a0f93a-b71e-11f0-8d86-d7789240c8c2 advisory. Unsupported versions: ... End of life: 2025-10-31. Tenable has extracted the preceding description bloc...

MINI-3CMG-57XM-MRR2

Bulletin has no description...

MINI-M27C-2G3V-7JVP

Bulletin has no description...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Un-sharing of page tables occurs during VMA splitting, not before. Currently, splitvma triggers the un-sharing of hugetlb page tables through vmops-maysplit. This occurs before the VMA lock and rmap locks are taken –...

Fedora 42 : vgrep (2025-6738ea943a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6738ea943a advisory. Rebuild for CVE-2025-47906. https://pkg.go.dev/vuln/GO-2025-3956 Tenable has extracted the preceding description block directly from the Fedora security...

CVE-2025-54605

Bitcoin Core through 29.0 allows Uncontrolled Resource Consumption issue 2 of 2...

DEBIAN-CVE-2025-61101

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkrmtitfaddr function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

CVE-2025-61102

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkadjsid function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

Fedora 41 : squid (2025-252c9276b3)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-252c9276b3 advisory. - security fixes Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

CVE-2025-60932

Multiple stored cross-site scripting XSS vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...