4571 matches found
CVE-2025-10096
A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...
Medium: libtiff
Issue Overview: A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2025-39706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroyw...
Linux Distros Unpatched Vulnerability : CVE-2025-30162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services an...
CVE-2025-5917 affecting package cmake for versions less than 3.30.3-8
CVE-2025-5917 affecting package cmake for versions less than 3.30.3-8. A patched version of the package is available...
CVE-2025-8177 affecting package libtiff for versions less than 4.6.0-7
CVE-2025-8177 affecting package libtiff for versions less than 4.6.0-7. A patched version of the package is available...
WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Mika in WordPress plugin SimaCookie versions <= 1.3.2...
Linux Distros Unpatched Vulnerability : CVE-2021-43815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv...
Linux Distros Unpatched Vulnerability : CVE-2025-58050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists...
Linux Distros Unpatched Vulnerability : CVE-2022-21713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle use...
Linux Distros Unpatched Vulnerability : CVE-2019-14828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to crea...
CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
Linux Distros Unpatched Vulnerability : CVE-2020-10185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside...
Linux Distros Unpatched Vulnerability : CVE-2017-14737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover...
Linux Distros Unpatched Vulnerability : CVE-2017-2576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. CVE-2017-2576 Note that Nessus relies on the presence of the package as reported...
CVE-2025-9728
A security vulnerability has been detected in givanz Vvveb 1.0.7.2. This affects an unknown part of the file app/template/user/login.tpl. Such manipulation of the argument Email/Password leads to cross site scripting. The attack can be executed remotely. The name of the patch is...
CVE-2025-9805
A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...
CVE-2025-9805 SimStudioAI sim route.ts server-side request forgery
A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...
CVE-2025-9805
CVE-2025-9805 affects SimStudioAI Sim up to commit 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2, with a server-side request forgery flaw in apps/sim/app/api/proxy/image/route.ts. The vulnerability can be exploited remotely after processing by the vulnerable code path; exploitation is public. Patch 34...