3079 matches found
CVE-2025-43203
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...
CVE-2025-43203
The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...
CVE-2025-43203
CVE-2025-43203 affects Apple iOS and iPadOS (versions prior to 18.7/26). The issue is a cache-handling vulnerability that could allow a local attacker with physical access to an unlocked device to view an image in the most recently viewed locked note. Root cause: improper cache handling that perm...
ECHO-BE1E-A4ED-B85C
Bulletin has no description...
PT-2025-37788
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7; iPadOS versions prior to 18.7; iOS 26; iPadOS 26. Description: The issue was addressed with improved handling of caches. An attacker with physical access to an unlocked device may be able to view an image in the most...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +58276 more potentially affected by CVE-2025-59139 via hono (>=4.0.0 <=4.9.6)
hono NPM version =4.0.0, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =1.0.0, =0.3.2, =0.1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-59139 Source advisory: SNYK:JS-HONO-12668833...
Fedora 41 : civetweb (2025-ed25a8b170)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ed25a8b170 advisory. Package: civetweb 1.16. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issu...
Security Updates for Microsoft Visio Products C2R (September 2025)
The Microsoft Visio Products are missing a security update. It is, therefore, affected by a remote code execution vulnerability that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead relied on...
Security Updates for Microsoft Word Products C2R (September 2025)
The Microsoft Word Products are missing security updates. It is, therefore, affected by an information disclosure vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. ...
Security Updates for Microsoft Office Products C2R (September 2025)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instea...
CGA-RQ57-8QRX-9FRV
Bulletin has no description...
MINI-RV5P-775M-FG99
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2019-16686
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A user with no privileges can inject script to attack the admin. (CVE-2019-16686) Note that Ness...
Linux Distros Unpatched Vulnerability : CVE-2019-17223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 via user/note.php. (CVE-2019-17223) Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2021-25954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dolibarr application, 2.8.1 to 13.0.4 don't restrict or incorrectly restricts access to a resource from an unauthorized actor. A low privileged attacker can...
Linux Distros Unpatched Vulnerability : CVE-2021-25955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dolibarr ERP CRM, WYSIWYG Editor module, v2.8.1 to v13.0.2 are affected by a stored XSS vulnerability that allows low privileged application users to store...
CVE-2025-10121
A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin/kamilist. This manipulation of the argument note causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2025-10121 uverif kami_list addbatch sql injection
A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin/kamilist. This manipulation of the argument note causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...