WordPress WP Crowdfunding plugin <= 2.1.15 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by theviper17 in WordPress Plugin WP Crowdfunding versions <= 2.1.15...
WordPress Free Woocommerce Product Table View plugin <= 1.78 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Free Woocommerce Product Table View versions <= 1.78...
WordPress WPC Smart Linked Products plugin <= 1.3.5 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by theviper17 in WordPress Plugin WPC Smart Linked Products - Upsells & Cross-sells for WooCommerce versions <= 1.3.5...
WordPress WpTravelly Plugin <= 1.8.7 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin WpTravelly versions <= 1.8.7...
Fedora 41 : qgis (2025-ccb6313749)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ccb6313749 advisory. Fix CVE-2024-55565. ---- Update to 3.40.5. ---- Update to 3.40.4. Tenable has extracted the preceding description block directly from the Fedora security...
EulerOS 2.0 SP13 : libtasn1 (EulerOS-SA-2025-1318)
According to the versions of the libtasn1 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS libtasn1 up to 4.19.x Network Encryption Software. It has been classified as problematic. This affects an...
EulerOS 2.0 SP13 : libtasn1 (EulerOS-SA-2025-1335)
According to the versions of the libtasn1 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS libtasn1 up to 4.19.x Network Encryption Software. It has been classified as problematic. This affects an...
PT-2025-13582 · Maccms10 · Maccms10
Name of the Vulnerable Software and Affected Versions: maccms10 version 2025.1000.4047 Description: The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. This vulnerability can be exploited via the Add Article feature. Recommendations: For maccms10 version 2025.1000.4047, as a...
VulnCheck KEV: CVE-2025-29927
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching...
PT-2025-16743
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the l3mdev_l3_rcv function. This issue occurs when deleting an l3s ipvlan, which can cause a nul...
PYSEC-2025-160
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
CVE-2025-2591
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
CVE-2025-2592
Open Asset Import Library Assimp 5.4.3 contains a heap-based buffer overflow in CSMImporter::InternReadFile (CSMLoader.cpp). This vulnerability can be exploited remotely to potentially execute code. A patch is available (commit 2690e354da0c681db000cfd892a55226788f2743); applying it fixes the issu...
CVE-2025-2591 Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zero
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56593)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56593 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL...
CVE-2025-29786
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios wher...
Fedora: Security Advisory (FEDORA-2025-48305c69ad)
The remote host is missing an update for the...
Fedora 41 : vim (2025-7b21a14892)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7b21a14892 advisory. patchlevel 1202 Security fix for CVE-2025-29768 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
PT-2025-11005
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A double accounting race condition has been identified in the Linux kernel when btrfs_run_delalloc_range fails. This issue can cause the kernel to crash, resulting in a...
JVN#24992507: Multiple vulnerabilities in RemoteView Agent (for Windows)
RemoteView allows a local PC to connect to and control remote PCs through the cloud service provided by RSUPPORT Co.,Ltd. RemoteView Agent must be installed on the remote PCs. The following vulnerabilities are reported in the RemoteView Agent installation. Incorrect access permission of a specific...