26 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-38689 CVE-2025-38689 in rootio-linux - Patched by Root
Root has patched CVE-2025-38689 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-68468 CVE-2025-68468 in rootio-avahi - Patched by Root
Root has patched CVE-2025-68468 in the rootio-avahi package for Root:Debian:12. Multiple fixed versions available...
Oracle Linux 9 : open-vm-tools (ELSA-2025-17428)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-17428 advisory. - ovt-Address-CVE-2025-41244.patch RHEL-117390 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...
CVE-2025-55732
Frappe is a full-stack web application framework. Prior to 15.74.2 and 14.96.15, an attacker could implement SQL injection through specially crafted requests, allowing malicious people to access sensitive information. This vulnerability is a bypass of the official patch released for CVE-2025-5289...
Linux Distros Unpatched Vulnerability : CVE-2025-38326
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aoe: clean device rqlist in aoedev_downdev() An aoe device's rqlist contains accepted block requests that are waiting to be transmitted to the aoe target. This que...
CVE-2025-8555
CVE-2025-8555 affects atjiu pybbs up to 6.0.0, where manipulation of the keyword argument in the /search function enables cross-site scripting (XSS). The issue is exploitable remotely; public exploit information has been disclosed. The patch name provided to fix the issue is 2fe4a51afbce0068c291b...
CVE-2025-8551 atjiu pybbs list cross site scripting
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/comment/list. The manipulation of the argument Username leads to cross site scripting. The attack may be launched remotely. The exploit h...
Linux Distros Unpatched Vulnerability : CVE-2025-38189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Avoid NULL pointer dereference in v3d_job_update_stats() The following kernel Oops was recently reported by Mesa CI: [ 800.139824] Unable to handle kernel NULL...
WordPress Advanced iFrame plugin <= 2025.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Advanced iFrame versions <= 2025.5...
WordPress Cena Store Theme <= 2.11.26 is vulnerable to Local File Inclusion
Software: Cena Store; Type: Theme; Vulnerable versions: <= 2.11.26; Fixed in: 2.11.27; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-48171; Patch priority: High; CVSS severity: High (8.1); PSID: 349bfe1912dd; Credits: Tran Nguyen Bao Khanh VCI - VNPT Cyber...
Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an...
WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability
WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability discovered by timomangcut in WordPress Plugin Cloud SAML SSO - Single Sign On Login versions <= 1.0.18...
PT-2025-29894 · Undefined · Undefined
‼️ SUSE Alert: CVE-2025-2318 lets attackers gain root access on unpatched Linux systems. Patch via zypper patch --cve=CVE-2025-2318. Read more: 👉 https://t.co/XKBUHDH2TJ LinuxSecurity DevOps https://t.co/GU2X4rraMm...
CVE-2025-32911 affecting package libsoup for versions less than 3.4.4-3
CVE-2025-32911 affecting package libsoup for versions less than 3.4.4-3. A patched version of the package is available...
RHEL 9 : kpatch-patch-5_14_0-570_17_1 (RHSA-2025:10674)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10674 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
CVE-2025-6669 gooaclok819 sublinkX jwt.go hard-coded key
A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key. The attack can be initiated remotely. Th...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-076)
The version of kernel installed on the remote host is prior to 5.15.182-123.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-076 advisory. In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between...
EulerOS 2.0 SP11 : elfutils (EulerOS-SA-2025-1649)
According to the versions of the elfutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function...
CVE-2025-48879
OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive. The issue can be triggered by a broken...
electron{34,35,36} -- Out of bounds read and write in V8
Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2025-5419...