PT-2025-34474 · Tenda · Tenda O3V2
Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: The Tenda O3V2 device is susceptible to a buffer overflow issue within the fromSafeSetMacFilter function. The vulnerability is triggered by manipulating the mac parameter. Recommendations: Update t...
Linux Distros Unpatched Vulnerability : CVE-2022-26498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much...
Linux Distros Unpatched Vulnerability : CVE-2018-6125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information v...
PT-2025-33709
Name of the Vulnerable Software and Affected Versions: Real Spaces - WordPress Properties Directory Theme versions prior to 3.7 Description: The Real Spaces - WordPress Properties Directory Theme for WordPress is susceptible to privilege escalation through the imic agent register function. This...
WordPress RT Easy Builder plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin RT Easy Builder – Advanced addons for Elementor versions <= 2.3...
Linux Distros Unpatched Vulnerability : CVE-2025-22125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/raid1,raid10: don't ignore IO flags If blk-wbt is enabled by default, it's found that raid write performance is quite bad because all IO are throttled by wbt...
Linux Distros Unpatched Vulnerability : CVE-2021-47587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared...
Linux Distros Unpatched Vulnerability : CVE-2025-38111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available...
Linux Distros Unpatched Vulnerability : CVE-2021-41991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the...
CVE-2025-8554
A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has...
CVE-2025-8510 Portabilis i-Educar educar_matricula_lst.php Gerar cross site scripting
A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the argument refcodaluno leads to cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2025-23166 affecting package nodejs for versions less than 20.14.0-9
CVE-2025-23166 affecting package nodejs for versions less than 20.14.0-9. A patched version of the package is available...
CVE-2025-32023
CVE-2025-32023 affects Redis with a stack/heap out-of-bounds write in hyperloglog operations, potentially enabling remote code execution. Affected versions range from 2.8 up to before 8.0.3, and specific 7.x/6.2 lines (8.0.3, 7.4.5, 7.2.10, 6.2.19) are fixed. The root cause is an out-of-bounds wr...
security-advisories
OCaml Security Advisory Database The OCaml Security Advisory...
SUSE SLES15 Security Update : libjxl (SUSE-SU-2025:01883-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01883-1 advisory. - CVE-2024-11403: Fix out of bounds memory read/write in libjxl bsc1233768. Tenable has extracted the preceding description block directly from the SU...
PT-2025-26278 · Unknown · Phpgurukul Emergency Ambulance Hiring Portal
Name of the Vulnerable Software and Affected Versions: PHPGurukul Emergency Ambulance Hiring Portal version 1.0 Description: A critical issue has been found in the PHPGurukul Emergency Ambulance Hiring Portal, affecting an unknown functionality of the file /index.php. The manipulation of the...
PT-2025-26312 · Dell · Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 Description: The issue is related to an improper neutralization of special elements used in an SQL command, also known as 'SQL injection'. This could be exploited by a low-privileged...
PT-2025-25049 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...
PT-2025-25040 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...
PT-2025-24948 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...