CVE-2025-38471 tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

Improper Access Control

@account-kit/smart-contracts is vulnerable to improper access control. The vulnerability is due to a security issue in old account deployment functions from the factory, which allows an attacker to potentially exploit outdated deployment mechanisms; however, smart wallets in use on all existing...

CVE-2025-7624

An SQL injection vulnerability in the legacy transparent SMTP proxy of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to remote code execution, if a quarantining policy is active for Email and SFOS was upgraded from a version older than 21.0 GA...

PT-2025-31068

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc5-virtme Description The Linux kernel contains a flaw related to TLS socket buffer handling. Recent changes in TCP compaction exposed a bug where the system might operate on outdated socket buffers when...

CVE-2025-7553

A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...

Gogs XSS allowed by stored call in PDF renderer

Summary A stored XSS is present in Gogs which allows client-side Javascript code execution. Details Gogs Version: docker images REPOSITORY TAG IMAGE ID CREATED SIZE gogs/gogs latest fe92583bc4fe 10 hours ago 99.3MB Application version: 0.14.0+dev Local setup using: bash Pull image from Docker Hub...

WordPress Greenmart theme <= 4.2.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Greenmart versions = 4.2.3...

CBL Mariner 2.0 Security Update: mysql (CVE-2025-30704)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30704 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported...

Drupal Enterprise MFA - TFA for Drupal module < 4.8.0,5.2.0,5.0,5.1 - Unauthenticated Broken Access Control vulnerability

Drupal Enterprise MFA - TFA for Drupal module 4.8.0,5.2.0,5.0,5.1 - Unauthenticated Broken Access Control vulnerability discovered by Conrad Lara cmlara in WordPress Module Enterprise MFA - TFA for Drupal versions 4.8.0,5.2.0,5.0,5.1...

AWS VDP: Remote Code Execution in Amazon MWAA due to outdated Apache Airflow version

Explanation: I am a penetration tester working with Siemens. During a collaborative security assessment with an internal team, I discovered a Remote Code Execution RCE vulnerability in an Amazon Managed Workflows for Apache Airflow MWAA environment. I initially reported this issue to the AWS...

CVE-2025-47943

Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting XSS vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated componen...

CVE-2025-52937 Vulnerability in PointCloudLibrary PCL

Vulnerability in PointCloudLibrary PCL surface/src/3rdparty/opennurbs modules. This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib WITHSYSTEMZLIB=FALSE...

FreeBSD : chromium -- multiple security fixes (4323e86c-2422-4fd7-8c8f-ec71c81ea7dd)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4323e86c-2422-4fd7-8c8f-ec71c81ea7dd advisory. Chrome Releases reports: This update includes 3 security fixes: Tenable has extracted the...

TencentOS Server 4: postgresql16 (TSSA-2025:0172)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0172 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: tar (TSSA-2023:0024)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0024 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: ghostscript (TSSA-2022:0123)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0123 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email, and chat rooms. A security vulnerability exists in Discourse versions prior to 3.4.4, prior to 3.5.0.beta5, and prior to 3.5.0.beta6-dev, which stems fr...

Grafana < 10.4.19 Improper Access Control

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.19, or 11.2.x earlier than 11.2.10, or 11.3.x earlier than 11.3.7, or 11.4.x earlier than 11.4.5, or 11.5.x earlier than 11.5.5, or 11.6.x earlier than 11.6.2, or 12.0.x earlier than 12.0.1...

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...

CVE-2024-23589

Due to outdated Hash algorithm, HCL Glovius Cloud could allow attackers to guess the input data using brute-force or dictionary attacks efficiently using modern hardware such as GPUs or ASICs...