Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2025-089 (ALASDOCKER-2025-089)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-089 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2025-091 (ALASDOCKER-2025-091)

The version of oci-add-hooks installed on the remote host is prior to 0-0.6.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-091 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdoma...

linux-privesc-audit-toolkit

Linux Privilege Escalation Automation Toolkit !Bannerscree...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between dataavail and actual data, which could lead to the reading of outdated data...

TencentOS Server 4: webkitgtk (TSSA-2025:0964)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0964 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

UBUNTU-CVE-2025-58053

Galette is a membership management web application for non profit organizations. Prior to version 1.2.0, while updating any existing account with a self forged POST request, one can gain higher privileges. Version 1.2.0 fixes the issue...

Mozilla Firefox < 3.0.16

The version of Firefox installed on the remote Windows host is prior to 3.0.16. It is, therefore, affected by a vulnerability as referenced in the mfsa2009-68 advisory. - Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticate...

Mozilla Thunderbird < 2.0.0.19

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 2.0.0.19. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2008-68 advisory. - Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,...

IBM MQ 9.1 < 9.1.0.33 LTS / 9.2 < 9.2.0.40 LTS / 9.3 < 9.3.0.36 LTS / 9.3 < 9.4.4.1 CD / 9.4 < 9.4.0.17 LTS / 9.4.4.1 (7254158)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7254158 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions tha...

Why Data Security and Privacy Need to Start in Code

AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid growth in both the number of applications and the pace of change within those applications. Security and privacy teams are under significant pressure as t...

CVE-2025-68065

CVE-2025-68065 affects WordPress Hub Core hub-core (

CVE-2025-55703

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, whe...

PT-2025-51283

Name of the Vulnerable Software and Affected Versions Sunbird Power IQ versions prior to 9.2.1 Description An error-based SQL injection issue exists in the Power IQ API due to insufficient input validation when handling arrays in an outdated API endpoint. This allows manipulation of SQL queries...

Sunbird Power IQ 安全漏洞

Sunbird Power IQ is a data center infrastructure management software from Sunbird, USA. A security vulnerability exists in Sunbird Power IQ version 9.2.0 that stems from an outdated API endpoint that does not properly validate input and could lead to manipulation of SQL queries...

CVE-2025-55703

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, whe...

CVE-2025-36745

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information...

CVE-2025-36745

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information...

CVE-2025-36745

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information...

EUVD-2025-203088

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information...

CVE-2025-36745 SolarEdge SE3680H contains Linux Kernel vulnerabilities

SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local access can exploit these flaws to achieve remote code execution, privilege escalation, or disclosure of sensitive information...