15 matches found
Release Information for Veeam Backup for Microsoft Azure 8.1 Patch 2
Requirements: Please confirm that you are running Veeam Backup for Microsoft Azure 8 build 8.0.0.334 or later before upgrading. You can find the currently installed build number (Product version) in the About section under Configuration | Support Information | Updates. After installing Veeam...
Sensitive Cookie in HTTPS Session Without "Secure" Attribute
Overview: Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute via the SetValue method in the CookieHelper class. The requireSSL...
Linux Distros Unpatched Vulnerability : CVE-2023-39366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
PT-2025-34516 · WordPress · Wptobe-Memberships
Name of the Vulnerable Software and Affected Versions: Wptobe-memberships plugin for WordPress versions through 3.4.2 Description: The Wptobe-memberships plugin for WordPress is susceptible to arbitrary file deletion due to inadequate file path validation within the del img ajax call function...
JVN#46919949: PgManage vulnerable to injection
PgManage provided by Command Prompt, Inc. uses RestrictedPython module. The version of RestrictedPython module imported to PgManage contains vulnerabilities, which are inherited by PgManage (CWE-477). Impact: A user of the affected product may escape a sandbox and execute arbitrary code. Solution...
PT-2025-32396 · Unknown · Actfax Server
Name of the Vulnerable Software and Affected Versions: ActFax Server version 4.32 Description: A stack-based buffer overflow vulnerability exists in the "Import Users from File" functionality of the client interface. The application does not properly validate the length of tab-delimited fields in...
PT-2025-24294 · Synology · File Station
Name of the Vulnerable Software and Affected Versions: File Station 5 versions prior to 5.5.6.4847 Description: An allocation of resources without limits or throttling issue has been reported. If a remote attacker gains a user account, they can exploit this issue to prevent other systems,...
Debian: Security Advisory (DLA-4192-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-4159-1)
The remote host is missing an update for the Debian...
LangChain < 0.0.27 SSRF
The version of LangChain installed on the remote host is prior to 0.0.27. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability in the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the component TFIDFRetriever. Note that Nessus...
PT-2024-35822 · Unknown · Simple Travel Map
Name of the Vulnerable Software and Affected Versions: Simple Travel Map versions n/a through 0.1 Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
PT-2023-21730 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to v1.1.0 Description: The issue is related to improper access control in the cloudexplorer-lite GitHub repository. Recommendations: For versions prior to v1.1.0, update to version v1.1.0 or later to resolve...
wireshark security, bug fix, and enhancement update
1.8.10-17.0.2 - Fix ocfs2 dissector John Haxby orabug 21505640 1.8.10-17.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-17 - security patches - Resolves: CVE-2015-2189 CVE-2015-2191 1.8.10-16 - security patches - Resolves: CVE-2014-8710 CVE-2014-8711...
Mailreader 2.3.30 - 2.3.31 Multiple Vulnerabilities
Mailreader.com software is installed. A directory traversal flaw allows anybody to read arbitrary files on your system. (C) Tenable Network Security, Inc. References: Date: Mon, 28 Oct 2002 17:48:04 +0800 From: "pokleyzz" To: "bugtraq", "Shaharil Abdul Malek", "sk", "pokley"...
IE 7 or above is installed
...