1221 matches found

Tenable Nessus
added 2025/09/02 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-20280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

CVSS 5.4 | AI score 6.5 | EPSS 0.00881
Exploits 2 | References 2

NVD
added 2025/08/28 5:15 p.m. | 1 view

CVE-2025-31977

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

CVSS 6.5 | EPSS 0.00024
Exploits 0 | References 1

Cvelist
added 2025/08/28 5:0 p.m. | 6 views

CVE-2025-31977 A cryptographic weakness has been identified in the HCL BigFix Service Management (SM)

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions...

CVSS 5.3 | EPSS 0.00024
Exploits 0 | References 1

CVE
added 2025/08/28 5:0 p.m. | 12 views

CVE-2025-31977

CVE-2025-31977 concerns HCL BigFix SM and describes a cryptographic weakness due to weak or outdated encryption algorithms. The documents state that an attacker with network access could decrypt or manipulate encrypted communications under certain conditions. The NVD entry and Red Hat advisory co...

CVSS 6.5 | AI score 6.3 | EPSS 0.00024
Exploits 0 | References 1 | Affected Software 1

Positive Technologies
added 2025/08/28 12:0 a.m. | 3 views

PT-2025-35108

Name of the Vulnerable Software and Affected Versions: HCL BigFix SM affected versions not specified Description: HCL BigFix SM is affected by a cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipula...

CVSS 5.3 | AI score 6.1 | EPSS 0.00024
Exploits 0 | References 5

Tenable Nessus
added 2025/08/27 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-13284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token CVE-2020-13284 Note that Ness...

CVSS 6.5 | AI score 6.4 | EPSS 0.00154
Exploits 0 | References 2

Tenable Nessus
added 2025/08/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-7865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in...

CVSS 9.8 | AI score 8.5 | EPSS 0.01005
Exploits 0 | References 2

Tenable Nessus
added 2025/08/21 12:0 a.m. | 4 views

TencentOS Server 4: mtr (TSSA-2025:0537)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0537 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 7.8 | AI score 7.5 | EPSS 0.00054
Exploits 0 | References 2

Github Security Blog
added 2025/08/20 8:51 p.m. | 4 views

x402 SDK vulnerable in outdated versions in resource servers for builders

Impact: There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users' keys, smart contracts, or funds. This primarily impacts builders working on resource servers. Patches: Please update to the following package versions: x402 = 0.5.2 x402-next = 0.5.2...

AI score 7.1
Exploits 0 | References 2 | Affected Software 4

OSV
added 2025/08/20 8:51 p.m. | 2 views

GHSA-3J63-5H8P-GF7C x402 SDK vulnerable in outdated versions in resource servers for builders

Impact: There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users' keys, smart contracts, or funds. This primarily impacts builders working on resource servers. Patches: Please update to the following package versions: x402 = 0.5.2 x402-next = 0.5.2...

AI score 7.1
Exploits 0 | References 2

HackRead
added 2025/08/20 8:17 p.m. | 2 views

Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…...

AI score 7.3
Exploits 0

Cvelist
added 2025/08/20 8:3 a.m. | 12 views

CVE-2025-49426 WordPress Kitring Theme <= 2.8 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dahz Kitring kitring allows PHP Local File Inclusion. This issue affects Kitring: from n/a through <= 2.8...

CVSS 8.1 | EPSS 0.00158
Exploits 0 | References 1

Tenable Nessus
added 2025/08/20 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-12827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash...

CVSS 6.5 | AI score 6.5 | EPSS 0.18415
Exploits 0 | References 2

OSV
added 2025/08/16 6:15 a.m. | 1 view

CVE-2025-8113

The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

CVSS 6.1 | AI score 5.8
Exploits 0 | References 1

Positive Technologies
added 2025/08/13 12:0 a.m. | 2 views

PT-2025-33102 · Pypi +1 · Pypdf +1

Name of the Vulnerable Software and Affected Versions: pypdf versions prior to 6.0.0 Description: pypdf is a free and open-source pure-python PDF library. An attacker can craft a PDF file that leads to exhaustion of RAM. This requires only reading the file if a series of FlateDecode filters are...

CVSS 8.7 | AI score 6.3 | EPSS 0.00164
Exploits 0 | References 22

Qualys Blog
added 2025/08/12 4:0 p.m. | 5 views

Eliminate Risk from Older and Unmanaged Java Installations

Older Java installations pose a significant security risk, particularly when developers install them in non-standard locations without any version control. These unmanaged installations often go undetected, silently expanding the organization’s attack surface and leaving critical vulnerabilities...

AI score 7.5
Exploits 0

CNNVD
added 2025/08/12 12:0 a.m. | 2 views

Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 security vulnerability

Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 are multifunctional power quality recorders from Siemens, Germany. A security vulnerability exists in Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 versions prior to V2.62, which stems from a plaintext export of...

CVSS 6.8 | AI score 6.4 | EPSS 0.00015
Exploits 0 | References 1

Tenable Nessus
added 2025/08/09 12:0 a.m. | 4 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-101 (ALASKERNEL-5.10-2025-101)

The version of kernel installed on the remote host is prior to 5.10.240-238.959. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-101 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in...

CVSS 7.8 | AI score 6.7 | EPSS 0.00129
Exploits 0 | References 70

Positive Technologies
added 2025/07/29 12:0 a.m. | 4 views

PT-2025-31309

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6, iPadOS versions prior to 18.6, macOS Sequoia versions prior to 15.6, tvOS versions prior to 18.6, watchOS versions prior to 11.6, visionOS versions prior to 2.6. Description: The issue was addressed through improved state...

CVSS 10 | AI score 7.7 | EPSS 0.00934
Exploits 4 | References 194

Cvelist
added 2025/07/28 11:21 a.m. | 12 views

CVE-2025-38471 tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

EPSS 0.00071
Exploits 0 | References 5