737 matches found

Tenable Nessus
added 2025/08/10 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-8176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file...

CVSS 7.8 | AI score 5.3 | EPSS 0.00228
Exploits: 1 | References: 2
Tenable Nessus
added 2025/08/10 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2022-49025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests wi...

CVSS 7.8 | AI score 6.2 | EPSS 0.00248
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/08 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2022-48966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvneta_config_rss() The pp->indir[0] value comes from th...

CVSS 7.1 | AI score 6.2 | EPSS 0.00244
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/08 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-37878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init Move the get_ctx(child_ctx) call and the child_event->ctx assignment to occur immediately after the child even...

CVSS 5.5 | AI score 6.8 | EPSS 0.00217
Exploits: 0 | References: 3
Vulnrichment
added 2025/08/07 8:32 p.m. | 4 views

CVE-2025-8698 Open5GS AMF Service nsmf-handler.c amf_nsmf_pdusession_handle_release_sm_context assertion

A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a...

CVSS 4.8 | AI score 3.8 | EPSS 0.0018
Exploits: 1 | References: 6
RedhatCVE
added 2025/08/07 7:31 a.m. | 4 views

CVE-2025-8549

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVSS 6.3 | AI score 4.1 | EPSS 0.00398
Exploits: 1 | References: 1
NVD
added 2025/08/05 7:15 a.m. | 5 views

CVE-2025-8549

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVSS 6.3 | EPSS 0.00398
Exploits: 1 | References: 7
OSV
added 2025/08/05 7:15 a.m. | 3 views

CVE-2025-8549

A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack...

CVSS 6.3 | AI score 4.2
Exploits: 0 | References: 7
NVD
added 2025/08/01 10:15 p.m. | 7 views

CVE-2024-13978

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...

CVSS 2.5 | EPSS 0.00179
Exploits: 1 | References: 8
Patchstack
added 2025/07/29 12:21 p.m. | 5 views

WordPress Newsletters plugin <= 4.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Newsletters versions <= 4.10...

CVSS 7.5 | AI score 6.8 | EPSS 0.00423
Exploits: 0 | Affected Software: 1
Cvelist
added 2025/07/27 8:2 a.m. | 10 views

CVE-2025-8225 GNU Binutils DWARF Section dwarf.c process_debug_info memory leak

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patc...

CVSS 4.8 | EPSS 0.00214
Exploits: 1 | References: 5
OSV
added 2025/07/27 6:15 a.m. | 4 views

CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

CVSS 5.5 | AI score 3.6
Exploits: 0 | References: 8
AlpineLinux
added 2025/07/27 5:32 a.m. | 8 views

CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

CVSS 5.5 | AI score 3.7 | EPSS 0.00215
Exploits: 1
CVE
added 2025/07/22 1:32 a.m. | 19 views

CVE-2025-7949

CVE-2025-7949 affects Sanluan PublicCMS up to version 5.202506.a. The issue is an open redirect caused by manipulation of the url parameter in the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. It allows remote exploitation, with public disclosure and pote...

CVSS 6.1 | AI score 4.2 | EPSS 0.00297
Exploits: 1 | References: 5 | Affected Software: 1
Tenable Nessus
added 2025/07/18 12:0 a.m. | 10 views

CrushFTP 10.x < 10.8.5 / 11.x < 11.3.4_23 Privilege Escalation (CVE-2025-54309)

The CrushFTP application installed on the remote host is missing a vendor-supplied patch. It is, therefore, affected by a vulnerability. CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to...

CVSS 9.8 | AI score 7.8 | EPSS 0.92034
Exploits: 7 | References: 3
CVE
added 2025/07/17 10:14 p.m. | 19 views

CVE-2025-7763

CVE-2025-7763 affects thinkgem JeeSite up to version 5.12.0. The vulnerability lies in the Site Controller’s SiteController.java, where manipulation of the redirect argument in the select function causes an open redirect. Exploitation can be performed remotely, and public disclosure of the exploi...

CVSS 5.3 | AI score 4.7 | EPSS 0.00397
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2025/07/17 8:26 p.m. | 6 views

GHSA-29CQ-5W36-X7W3 Livewire is vulnerable to remote command execution during component property update hydration

Impact: In Livewire v3 ≤ 3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions...

CVSS 9.8 | AI score 7.6 | EPSS 0.95247
Exploits: 5 | References: 7
Patchstack
added 2025/07/16 11:3 a.m. | 5 views

WordPress Formality <= 1.5.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by astra.r3verii in WordPress Plugin Formality versions <= 1.5.9...

CVSS 8.1 | AI score 6.7 | EPSS 0.02042
Exploits: 0 | Affected Software: 1
Patchstack
added 2025/07/15 12:24 p.m. | 8 views

WordPress ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin <= 1.4.9 - Subscriber+ SQL Injection vulnerability

Subscriber+ SQL Injection vulnerability discovered by astra.r3verii in WordPress Plugin ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes versions <= 1.4.9...

CVSS 8.5 | AI score 7.8 | EPSS 0.00322
Exploits: 0 | Affected Software: 1
OSV
added 2025/07/14 11:8 p.m. | 21 views

CVE-2025-53836 XWiki Rendering is vulnerable to RCE attacks when processing nested macros

XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricte...

CVSS 9.9 | AI score 6.6 | EPSS 0.00525
Exploits: 1 | References: 6