Linux Distros Unpatched Vulnerability : CVE-2025-3641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers an...

Linux Distros Unpatched Vulnerability : CVE-2025-21173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - .NET Elevation of Privilege Vulnerability CVE-2025-21173 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Linux Distros Unpatched Vulnerability : CVE-2020-7009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker...

Linux Distros Unpatched Vulnerability : CVE-2022-31097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable...

Linux Distros Unpatched Vulnerability : CVE-2025-35984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a...

Linux Distros Unpatched Vulnerability : CVE-2025-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the...

Linux Distros Unpatched Vulnerability : CVE-2025-50082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and...

Linux Distros Unpatched Vulnerability : CVE-2024-36137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission...

CVE-2025-9801

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-9801 SimStudioAI sim path traversal

A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of the argument filePath leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and...

CVE-2025-9800

The CVE-2025-9800 entry corresponds to SimStudioAI, where the vulnerability resides in the Import function of the file apps/sim/app/api/files/upload/route.ts within the HTML File Parser component. The root cause is manipulation of the File argument, leading to unrestricted file upload and potenti...

CVE-2024-28988

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...

CVE-2024-28988

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...

CVE-2024-28988

SolarWinds Web Help Desk is affected by a Java deserialization Remote Code Execution flaw that could allow unauthenticated remote commands on the host. Root cause appears to be insecure deserialization in the Web Help Desk component. The vulnerability is addressed by upgrading to 12.8.3 with Hotf...

CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...

CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...

CVE-2025-57799

StreamVault is a multi-platform video parsing and downloading tool. Prior to version 250822, after logging into the StreamVault-system, an attacker can modify certain system parameters, construct malicious commands, execute command injection attacks against the system, and ultimately gain server...

Exploit for CVE-2025-53691

CVE-2025-53691: Remote code execution RCE through insecure...

PT-2025-35515

Name of the Vulnerable Software and Affected Versions: SimStudioAI affected versions not specified Description: A weakness exists in the function Import of the file apps/sim/app/api/files/upload/route.ts within the HTML File Parser component. Manipulation of the File argument can lead to...

Linux Distros Unpatched Vulnerability : CVE-2025-38592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of- bounds via devcoredumpv Currently both devcoredumpv and...