
CVE
added 2025/07/12 6:32 a.m.

CVE-2025-7464

CVE-2025-7464 affects osrg GoBGP up to version 3.37.0. The vulnerability is in SplitRTR (pkg/packet/rtr/rtr.go), where input handling allows an out-of-bounds read; it is remotely reachable but has high attack complexity. The patch is identified as e748f43496d74946d14fed85c776452e47b99d64; upgrading to ...

CVSS 6.3 | AI score 4.3 | EPSS 0.00406
Exploits: 0 | References: 4
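The entry above says only that SplitRTR's input handling allows an out-of-bounds read; it does not say how, and nothing below is GoBGP's code or its fix. As an added illustration of the defensive pattern, this Go program frames RTR PDUs (header layout per RFC 6810/RFC 8210: one byte version, one byte type, two bytes session ID or reserved, then a 32-bit big-endian length that includes the header) with a bufio.SplitFunc that checks the attacker-supplied length field against the bytes actually buffered before slicing. The function names, the 32 KiB cap and the sample byte streams are constructed for this example.

```go
package main

import (
	"bufio"
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

// RTR PDU header (RFC 6810 / RFC 8210): version (1 byte), PDU type (1),
// session ID or reserved (2), total length including the header (4, big-endian).
const rtrHeaderLen = 8

// rtrMaxPDULen is a sanity cap chosen for this example (not a protocol
// constant) so an absurd length field fails fast instead of stalling the reader.
const rtrMaxPDULen = 32 * 1024

var errRTRLength = errors.New("rtr: invalid or truncated PDU length")

// splitRTRChecked is a bufio.SplitFunc that frames RTR PDUs. Every slice it
// takes is validated against len(data) first, so a hostile length field can
// neither index past the buffer nor expose stale bytes between len and cap.
func splitRTRChecked(data []byte, atEOF bool) (int, []byte, error) {
	if len(data) < rtrHeaderLen {
		if atEOF && len(data) > 0 {
			return 0, nil, errRTRLength // stream ended mid-header
		}
		return 0, nil, nil // ask the scanner for more bytes
	}
	pduLen := binary.BigEndian.Uint32(data[4:8])
	if pduLen < rtrHeaderLen || pduLen > rtrMaxPDULen {
		return 0, nil, errRTRLength // cannot be a well-formed PDU
	}
	if uint32(len(data)) < pduLen {
		if atEOF {
			return 0, nil, errRTRLength // stream ended mid-body
		}
		return 0, nil, nil
	}
	return int(pduLen), data[:pduLen], nil
}

// buildPDU encodes one PDU with a correct length field. It is used only to
// construct sample input here; the payload bytes are made up.
func buildPDU(pduType byte, body []byte) []byte {
	pdu := make([]byte, rtrHeaderLen+len(body))
	pdu[0] = 1 // protocol version 1 (RFC 8210)
	pdu[1] = pduType
	binary.BigEndian.PutUint32(pdu[4:8], uint32(len(pdu)))
	copy(pdu[rtrHeaderLen:], body)
	return pdu
}

// framePDUs runs the split function over a byte stream and returns each PDU
// (copied, since the scanner reuses its buffer) plus the first framing error.
func framePDUs(stream []byte) ([][]byte, error) {
	sc := bufio.NewScanner(bytes.NewReader(stream))
	sc.Split(splitRTRChecked)
	var pdus [][]byte
	for sc.Scan() {
		pdus = append(pdus, append([]byte(nil), sc.Bytes()...))
	}
	return pdus, sc.Err()
}

func main() {
	// Constructed stream: a header-only PDU of type 0 followed by a type 7 PDU
	// carrying a 3-byte payload.
	good := append(buildPDU(0, nil), buildPDU(7, []byte{1, 2, 3})...)
	pdus, err := framePDUs(good)
	fmt.Println(len(pdus), err) // 2 <nil>

	// A header that claims 20 bytes but is followed by only 4.
	truncated := []byte{1, 0, 0, 0, 0, 0, 0, 20, 0, 0, 0, 0}
	_, err = framePDUs(truncated)
	fmt.Println(err) // rtr: invalid or truncated PDU length
}
```

The two checks worth copying are pduLen >= header size (a smaller value would make the frame overlap its own header, or advance by zero and spin) and pduLen <= len(data) before data[:pduLen]. The second matters in Go specifically: a slice expression up to cap() succeeds even past len() and silently exposes stale buffer contents, while one past cap() panics the goroutine, which for a long-running daemon is a remote crash.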
Patchstack
added 2025/07/11 9:11 p.m.

WordPress BeeTeam368 Extensions plugin <= 2.3.5 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated (Subscriber+) Arbitrary File Upload vulnerability discovered by Marco Wotschka in WordPress Plugin BeeTeam368 Extensions versions <= 2.3.5...

CVSS 8.8 | AI score 6.8 | EPSS 0.00525
Exploits: 0 | References: 1 | Affected software: 1
Cvelist
added 2025/07/11 5:28 p.m.

CVE-2025-53641 Postiz allows header mutation in middleware, resulting in SSRF

Postiz is an AI social media scheduling tool. From 1.45.1 to 1.62.3, the Postiz frontend application allows an attacker to inject arbitrary HTTP headers into the middleware pipeline. This flaw enables a server-side request forgery (SSRF) condition, which can be exploited to initiate unauthorized...

CVSS 8.2 | EPSS 0.00247
Exploits: 0 | References: 2
Tenable Nessus
added 2025/07/11 12:00 a.m.

Azure Linux 3.0 Security Update: sudo (CVE-2025-32463)

The version of sudo installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32463 advisory. - Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controll...

CVSS 9.3 | AI score 7.1 | EPSS 0.47467
Exploits: 70 | References: 2
Patchstack
added 2025/07/10 9:21 p.m.

WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin WPC Smart Compare for WooCommerce versions <= 6.4.6...

CVSS 6.4 | AI score 5.5 | EPSS 0.0021
Exploits: 0 | References: 1 | Affected software: 1
Patchstack
added 2025/07/10 9:12 p.m.

WordPress FooGallery plugin <= 2.4.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin FooGallery versions <= 2.4.31...

CVSS 6.4 | AI score 5.5 | EPSS 0.00204
Exploits: 0 | References: 1 | Affected software: 1
CBLMariner
added 2025/07/10 9:12 p.m.

CVE-2024-11584 affecting package cloud-init for versions less than 23.3-7

CVE-2024-11584 affecting package cloud-init for versions less than 23.3-7. A patched version of the package is available...

CVSS 5.9 | AI score 7.3 | EPSS 0.00122
Exploits: 0
CVE
added 2025/07/10 7:38 p.m.

CVE-2025-53633

CVE-2025-53633 affects Chall-Manager. The vulnerability arises when decoding a scenario (a zip archive): the decoded content size is not checked, allowing zip-bomb style decompression. Exploitation does not require authentication or authorization. A patch was implemented in commit 14042aa and s...

CVSS 9.8 | AI score 6.6 | EPSS 0.00461
Exploits: 0 | References: 3 | Affected software: 1
OSV
added 2025/07/10 5:58 p.m.

GHSA-GGMV-J932-Q89Q Chall-Manager's HTTP Gateway is vulnerable to DoS due to missing header timeout

Impact: The HTTP Gateway processes headers with no timeout set, so a Slowloris attack could cause a denial of service (DoS). Exploitation does not require authentication or authorization, so anyone can exploit it. It should nonetheless not be exploitable, as it is highly recommende...

CVSS 8.7 | AI score 6.2 | EPSS 0.00444
Exploits: 0 | References: 5
OSV
added 2025/07/10 5:48 p.m.

GHSA-3GV2-V3JX-R9FH Chall-Manager is vulnerable to Path Traversal when extracting/decoding a zip archive

Impact: When decoding a scenario (i.e. a zip archive), the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication or authorization, so anyone can exploit it. It should nonetheless not be exploitable, as it is highly recommended to bur...

CVSS 9.1 | AI score 6.7 | EPSS 0.00718
Exploits: 1 | References: 5
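The two Chall-Manager advisories above (CVE-2025-53633, unchecked decompressed size, and GHSA-3GV2-V3JX-R9FH, unchecked entry paths) describe the two classic failures of a zip "scenario" decoder. The Go program below is an added example written for this page; it is not Chall-Manager's code or its patch. The function names (extractScenario, safeTarget, writeBounded), the byte limits and the sample archive entries are constructed for illustration.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

var (
	errZipSlip = errors.New("zip: entry path escapes destination")
	errZipBomb = errors.New("zip: decompressed size limit exceeded")
)

// safeTarget maps an archive entry name onto a path strictly inside destAbs.
// Absolute names and names whose cleaned form climbs above dest are refused
// rather than silently relocated, so a hostile archive fails loudly.
func safeTarget(destAbs, name string) (string, error) {
	if filepath.IsAbs(name) {
		return "", errZipSlip
	}
	target := filepath.Join(destAbs, name) // Join cleans "x/../../y" to "../y"
	rel, err := filepath.Rel(destAbs, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errZipSlip
	}
	return target, nil
}

// extractScenario unpacks an in-memory zip under dest, enforcing the two checks
// the advisories describe as missing: every entry path must stay inside dest,
// and the bytes actually decompressed may not exceed maxTotal. It returns how
// many bytes were written before it stopped.
func extractScenario(archive []byte, dest string, maxTotal int64) (int64, error) {
	zr, err := zip.NewReader(bytes.NewReader(archive), int64(len(archive)))
	// Go >= 1.20 can flag non-local names itself (GODEBUG zipinsecurepath), but
	// that is off by default; we apply our own per-entry check regardless.
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) {
		return 0, err
	}
	destAbs, err := filepath.Abs(dest)
	if err != nil {
		return 0, err
	}
	var written int64
	for _, f := range zr.File {
		target, err := safeTarget(destAbs, f.Name)
		if err != nil {
			return written, fmt.Errorf("%w: %q", err, f.Name)
		}
		if f.FileInfo().IsDir() {
			if err := os.MkdirAll(target, 0o755); err != nil {
				return written, err
			}
			continue
		}
		if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return written, err
		}
		n, err := writeBounded(target, f, maxTotal-written)
		written += n
		if err != nil {
			return written, fmt.Errorf("%w: %q", err, f.Name)
		}
	}
	return written, nil
}

// writeBounded copies one entry to disk, reading at most budget+1 bytes so an
// oversize entry is detected from the real output size, never from the
// attacker-controlled UncompressedSize64 header field.
func writeBounded(target string, f *zip.File, budget int64) (int64, error) {
	rc, err := f.Open()
	if err != nil {
		return 0, err
	}
	defer rc.Close()
	out, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644)
	if err != nil {
		return 0, err
	}
	defer out.Close()
	n, err := io.Copy(out, io.LimitReader(rc, budget+1))
	if err == nil && n > budget {
		err = errZipBomb
	}
	return n, err
}

// zipEntry and buildZip exist only to construct sample archives in memory;
// the names and contents used are made up for this example.
type zipEntry struct{ Name, Body string }

func buildZip(entries []zipEntry) []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for _, e := range entries {
		w, _ := zw.Create(e.Name)
		w.Write([]byte(e.Body))
	}
	zw.Close()
	return buf.Bytes()
}

func main() {
	dest, _ := os.MkdirTemp("", "scenario")
	defer os.RemoveAll(dest)
	_, err := extractScenario(buildZip([]zipEntry{{"../escape.txt", "owned"}}), dest, 1<<20)
	fmt.Println(err) // zip: entry path escapes destination: "../escape.txt"
	_, err = extractScenario(buildZip([]zipEntry{{"big.bin", strings.Repeat("0", 4096)}}), dest, 1024)
	fmt.Println(err) // zip: decompressed size limit exceeded: "big.bin"
}
```

Two design points carry the weight here. The size limit is applied to bytes the decompressor actually produces, not to UncompressedSize64, which the attacker writes into the header and can understate. The path check rejects escaping names instead of cleaning them into place, so a malicious archive is refused rather than quietly rewritten. Symlink entries (f.Mode()&os.ModeSymlink) are a third zip-slip vector this example does not handle and a real extractor should refuse as well.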
CBLMariner
added 2025/07/10 3:09 p.m.

CVE-2025-22872 affecting package containerd2 for versions less than 2.0.0-9

CVE-2025-22872 affecting package containerd2 for versions less than 2.0.0-9. A patched version of the package is available...

CVSS 6.5 | AI score 7.3 | EPSS 0.0045
Exploits: 0
CBLMariner
added 2025/07/10 3:07 p.m.

CVE-2023-7008 affecting package systemd-bootstrap for versions less than 250.3-13

CVE-2023-7008 affecting package systemd-bootstrap for versions less than 250.3-13. A patched version of the package is available...

CVSS 5.9 | AI score 7.3 | EPSS 0.00849
Exploits: 0
CBLMariner
added 2025/07/10 3:06 p.m.

CVE-2024-35790 affecting package kernel for versions less than 5.15.184.1-1

CVE-2024-35790 affecting package kernel for versions less than 5.15.184.1-1. A patched version of the package is available...

CVSS 5.5 | AI score 8.9 | EPSS 0.00225
Exploits: 0
RedhatCVE
added 2025/07/10 2:27 a.m.

CVE-2025-20687

In the Bluetooth driver, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481...

CVSS 5.5 | AI score 6.9 | EPSS 0.00149
Exploits: 0 | References: 1
Patchstack
added 2025/07/10 12:00 a.m.

WordPress Traveler Theme < 3.2.2 is vulnerable to SQL Injection

Software: Traveler
Type: Theme
Vulnerable versions: < 3.2.2
Fixed in: 3.2.2
OWASP Top 10: A3: Injection
Classification: SQL Injection
CVE: CVE-2025-52714
Patch priority: High
CVSS severity: High (9.3)
PSID: d97b1d91ed8e
Credits: Thái An
Required privilege: Unauthenticated
Published: 10...

CVSS 9.3 | AI score 6.5 | EPSS 0.00371
Exploits: 0 | References: 1 | Affected software: 1
Tenable Nessus
added 2025/07/07 12:00 a.m.

TencentOS Server 3: osbuild-composer (TSSA-2025:0517)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0517 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 9.1 | AI score 7 | EPSS 0.00682
Exploits: 0 | References: 2
Tenable Nessus
added 2025/07/07 12:00 a.m.

TencentOS Server 3: mod_security (TSSA-2025:0491)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0491 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 7.5 | AI score 7.5 | EPSS 0.00559
Exploits: 1 | References: 2
NVD
added 2025/07/04 10:15 p.m.

CVE-2025-53366

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually...

CVSS 8.7 | EPSS 0.05693
Exploits: 0 | References: 3
Cvelist
added 2025/07/04 10:03 p.m.

CVE-2025-53365 MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.10.0, if a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead to an uncaught ClosedResourceError on the server side, causing...

CVSS 8.7 | EPSS 0.00353
Exploits: 0 | References: 3
OSV
added 2025/07/04 3:30 a.m.

GHSA-J4RJ-FGCQ-WMQP Cockpit - Content Platform vulnerable to XSS through name or email argument names

A vulnerability was found in Cockpit versions up to 2.11.3. This issue affects some unknown processing in the file /system/users/save. Manipulation of the arguments "name" or "email" leads to cross-site scripting. The attack may be initiated remotely. Upgrading to version 2.11.4 wil...

CVSS 5.1 | AI score 3.4 | EPSS 0.00289
Exploits: 1 | References: 7