CVE-2025-39938 affecting package kernel for versions less than 6.6.112.1-1

CVE-2025-39938 affecting package kernel for versions less than 6.6.112.1-1. A patched version of the package is available...

CVE-2025-8277 affecting package libssh for versions less than 0.10.6-4

CVE-2025-8277 affecting package libssh for versions less than 0.10.6-4. A patched version of the package is available...

EUVD-2025-26364

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-64744 OpenObserve Vulnerable to HTML Injection in Organization Invitation Emails

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

CVE-2025-13058

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as...

Linux Distros Unpatched Vulnerability : CVE-2025-40205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the...

UBUNTU-CVE-2025-13058

A security flaw has been discovered in soerennb eXtplorer up to 2.1.15. The affected element is an unknown function of the component Filename Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The patch is identified as...

CVE-2025-57812

CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and including 1.28.17...

CVE-2025-57812

CVE-2025-57812, CVE-2025-64503, and CVE-2025-64524 affect cups-filters (and libcupsfilters) across multiple distributions. The Nessus-derived descriptions confirm an out-of-bounds read/write (TIFF processing in imagetoraster cfFilterImageToRaster, _cfImageReadTIFF in libcupsfilters) and related i...

CVE-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

EulerOS 2.0 SP12 : cmake (EulerOS-SA-2025-2349)

According to the versions of the cmake packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file...

Linux Distros Unpatched Vulnerability : CVE-2025-40147

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-throttle: fix access race during throttle policy activation On repeated cold boots we occasionally hit a NULL pointer crash in blkshouldthrotl when...

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2025-2393)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function...

EulerOS 2.0 SP12 : binutils (EulerOS-SA-2025-2316)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file...

CVE-2025-64519

TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In versions up to and including 2.8.8, an authenticated SQL injection vulnerability exists in the moderator control panel modcp.php. Users with moderator permissions can exploit this vulnerability by supplying...

PT-2025-46375

Name of the Vulnerable Software and Affected Versions NVIDIA AIStore affected versions not specified Description NVIDIA AIStore has an issue in its authentication process AuthN that allows an unauthenticated user to potentially disclose information. Exploitation of this issue may lead to...

CVE-2025-64519

TorrentPier (PHP) up to version 2.8.8 is affected by an authenticated SQL injection in the moderator control panel (modcp.php) via the topic_id parameter. The root cause is unsafely embedding the $topic_id input into an SQL query, enabling an authenticated moderator to execute arbitrary SQL with ...

CVE-2025-64507

CVE-2025-64507 affects Incus/LXD: in versions prior to 6.0.6 and 6.19.0 an unprivileged user who can access a container and a host with a custom storage volume that has security.shifted=true may create a setuid binary inside the container and execute it on the host to gain root. The issue require...

Security Advisory EPM November 2025 for EPM 2024

Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses three high vulnerabilities. Successful exploitation could allow a local authenticated attacker to write arbitrary files anywhere on disk. Two of the resolved vulnerabilities, CVE-2025-9713 and CVE-2025-11622, were...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gdb (UTSA-2025-990646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990646 advisory. A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The...