38 matches found
Photon OS 4.0: Linux PHSA-2025-4.0-0831
An update of the linux package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0831. The text itself is copyright (C) VMware, Inc. ...
Apache Tomcat 9.0.0-M1 < 9.0.108 Denial of Service
The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.108, 10.1.0-M1 prior to 10.1.44 or 11.0.0-M1 prior to 11.0.10. It is, therefore, affected by a denial of service vulnerability because Tomcat's HTTP/2 implementation is vulnerable to the MadeYouReset attack. Note tha...
Exploit for Unrestricted Upload of File with Dangerous Type in Versa-Networks Versa_Director
Volt Typhoon APT Attack Visualization 🎯 Overview An inter...
GHSA-4342-X723-CH2F vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu...
CVE-2018-19708
creationtimestamp | type | source
---|---|---
2025-08-31 03:13:13+00:00 | seen | MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
Linux Distros Unpatched Vulnerability : CVE-2020-15694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error...
Linux Distros Unpatched Vulnerability : CVE-2023-38253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a...
CGA-F3Q3-H6MX-CW6V
Bulletin has no description...
CGA-VR55-2G25-R3J2
Bulletin has no description...
CGA-VFMJ-G934-VQ24
Bulletin has no description...
CVE-2025-9606
Portabilis i-Educar (up to 2.10; some sources indicate a fix in 2.11) has a SQL injection in /intranet/agenda_preferencias.php via the cod_agenda parameter. The vulnerability allows remote exploitation and the exploit is publicly available. Affected component: the unknown functionality surroundin...
MINI-QGVP-9V3R-M7WQ
Bulletin has no description...
Script Web Delivery
This Metasploit module quickly fires up a web server that serves a payload. The module will provide a command to be run on the target machine based on the selected target. The provided command will download and execute a payload using either a specified scripting language interpreter or...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...
One-Class Intrusion Detection with Dynamic Graphs
With the growing digitalization all over the globe, the relevance of network security becomes increasingly important. Machine learning-based intrusion detection constitutes a promising approach for improving security, but it bears several challenges. These include the requirement to detect novel...
AI Security Map: Holistic Organization of AI Security Technologies and Impacts on Stakeholders
As the social implementation of AI has been steadily progressing, research and development related to AI security has also been increasing. However, existing studies have been limited to organizing related techniques, attacks, defenses, and risks in terms of specific domains or AI elements. Thus,...
OESA-2025-1848 git security update
Security Fixes: A vulnerability was found in Microsoft Visual Studio Programming Tool Software affected version not known. It has been classified as problematic. This is going to have an impact on confidentiality, integrity, and availability. Applying a patch is able to eliminate this problem. A...
OS Command Exec, Unix Command Shell, Reverse SCTP (via socat)
Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocatsctp msf payloadreversesocatsctp show actions ...actions... msf payloadreversesocatsctp set ACTION msf payloadreversesocatsctp show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Bind TCP (via Ruby) IPv6
Execute an OS command from PHP. Continually listen for a connection and spawn a command shell via Ruby Module Options msf use payload/php/unix/cmd/bindrubyipv6 msf payloadbindrubyipv6 show actions ...actions... msf payloadbindrubyipv6 set ACTION msf payloadbindrubyipv6 show options ...show and se...
Private Geometric Median in Nearly-Linear Time
Whitepaper called Private Geometric Median In Nearly-Linear Time...