27971 matches found
CVE-2025-54718
creationtimestamp| type| source ---|---|--- 2026-01-20 20:11:47+00:00| seen| Telegram/Dq8idxvfZe5fhzXxSGOIklyuUdW9GuQzRcuXaJIrodTXq4...
CVE-2026-1173 birkir prime GraphQL Array Based Query Batch graphql denial of service
A vulnerability was found in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been made...
CVE-2020-28975
creationtimestamp| type| source ---|---|--- 2026-01-19 00:13:20+00:00| seen| https://gist.github.com/konard/65ced3fd74042bf5ba0737f60d57d145 2026-01-19 00:16:42+00:00| seen| https://gist.github.com/konard/ed57bdf6f23e9388249c3e81f52a7d40 2026-01-19 00:16:50+00:00| seen|...
CVE-2025-15531
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...
CVE-2026-22816
creationtimestamp| type| source ---|---|--- 2026-01-17 01:53:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcliw3rlqm2i...
Fedora 43 : mariadb10.11 (2026-39e035a84c)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-39e035a84c advisory. MariaDB 10.11.15 Release notes: https://mariadb.com/docs/release-notes/community-server/10.11/10.11.15 Tenable has extracted the preceding description block...
CVE-2025-15375
A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing a manipulation of the argument attstr can lead to deserialization. The attack can be launched remotely. Th...
CVE-2025-15189
creationtimestamp| type| source ---|---|--- 2025-12-29 13:22:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mb4wkg5pdg2u 2025-12-29 13:37:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mb4xgjil2h2y 2025-12-29 15:11:56+00:00| seen|...
CVE-2025-15175 SohuTV CacheCloud AppController.java appCommandAnalysis cross site scripting
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross site scripting. It is possible to initiate the...
CVE-2025-13624
creationtimestamp| type| source ---|---|--- 2025-12-20 10:55:58+00:00| seen| https://gist.github.com/Darkcrai86/51e5526e5b8a8b1b6d1a325bfbcef97c...
PHP 8.2.x < 8.2.30 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.2.30. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.30 advisory. - Debian Linux - php7.4 - None php8.2 - None php8.4 - None Ubuntu Linux - Unknown description CVE-2025-14177, CVE-2025-14178,...
Atlassian Jira 11.x < 11.2.0 XML External Entity Injection
According to its self-reported version number, the Atlassian Jira application running on the remote host is 10.3.x prior to 10.3.13 or 11.x prior to 11.2.0. It is, therefore, affected by a XML External Entity Injection XXE vulnerability. Note that the scanner has not tested for these issues but h...
CVE-2025-43475
creationtimestamp| type| source ---|---|--- 2025-12-16 06:48:31+00:00| seen| https://vulnerability.circl.lu/bundle/c5b7cfe4-31dc-48ad-9aad-8e8bd3c6bf83 2025-12-17 21:50:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ma7nfayiw62o...
Tenable Nessus 10.8.0 <= 10.8.6 / 10.9.0 < 10.9.6 / 10.10.0 <= 10.10.1 / 10.11.0 < 10.11.1 Multiple Vulnerabilities (TNS-2025-24)
According to its self-reported version, the Tenable Nessus application running on the remote host is 10.8.0 prior or equal to 10.8.6, 10.9.0 prior to 10.9.6, 10.10.0 prior or equal to 10.10.1 and 10.11.0 prior to 10.11.1. It is, therefore, affected by multiple vulnerabilities as referenced in the...
Linux Distros Unpatched Vulnerability : CVE-2025-14332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so...
django: Django SQL injection
A potential SQL injection vulnerability has been discovered in the Django web framework. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class Q were subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the connector argument...
Linux Distros Unpatched Vulnerability : CVE-2023-53783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615...
Security Updates for Microsoft Word Products (December 2025)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...
CVE-2025-38734
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
CVE-2025-55749
creationtimestamp| type| source ---|---|--- 2025-12-02 01:19:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6xrm65ean2s 2025-12-11 17:39:34+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-55749.yaml 2025-12-12...