Azure Linux 3.0 Security Update: libsoup (CVE-2025-32052)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32052 advisory. - A flaw was found in libsoup. A vulnerability in the sniffunknown function May lead to heap buffer over- rea...

PT-2025-20394 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6681 B20230703 Description: The issue is an authenticated stack overflow that occurs via the ssid5g parameter in the setWiFiEasyGuestCfg function. This allows for potential exploitation. Recommendations: For...

PT-2022-25397 · Zkbio · Zkbio Time

Name of the Vulnerable Software and Affected Versions: ZKBio Time version 8.0.7 Description: A CSV injection issue allows attackers to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message module. Recommendations: For version 8.0.7, consider...

Unpassworded 'sync' Account

The account 'sync' has no password set. An attacker may use this to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "sync"; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11247; scriptversion"1.34";...