4112 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-0825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters \r\n when those are prefixed with a null byte. This enables attackers to exploit CRL...
SUSE-SU-2025:02837-1 Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of '', '.' and '..' in some PATH...
database/sql: Postgres Scan Race Condition
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...
Linux Distros Unpatched Vulnerability : CVE-2014-9900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not...
Linux Distros Unpatched Vulnerability : CVE-2021-44460
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows users with deactivated accounts to access the system with...
Malicious code in eslint-plugin-i18n-scan (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24f25e113ba45d8c8835196aef1b368f2a1e4fb1aecdc17e3a6d47db15371e04 The OpenSSF Package Analysis project identified...
Malicious code in eslint-config-i18n-scan (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 201f83a69c354c3a004e8b9fd7a778bba4540bc35b88fe6eeaac043b0d6dcd18 The OpenSSF Package Analysis project identified...
CVE-2025-8013
CVE-2025-8013 affects the Quttera Web Malware Scanner WordPress plugin and is an authenticated SSRF vulnerability via RunExternalScan in all versions up to 3.5.1.41. Exploitation requires Administrator-level access or higher and enables the attacker to trigger web requests to arbitrary locations ...
CVE-2025-8013 Quttera Web Malware Scanner <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery
The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.5.1.41 via the 'RunExternalScan' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests ...
WordPress plugin Quttera Web Malware Scanner code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
PT-2025-33447 · WordPress · Quttera Web Malware Scanner
Name of the Vulnerable Software and Affected Versions: Quttera Web Malware Scanner for WordPress versions up to and including 3.5.1.41 Description: The Quttera Web Malware Scanner plugin for WordPress is susceptible to Server-Side Request Forgery via the RunExternalScan function. Authenticated...
Malicious code in @tiger-team/scan (npm)
The package @tiger-team/scan was found to contain malicious code...
MAL-2025-9562 Malicious code in @tiger-team/scan (npm)
The package @tiger-team/scan was found to contain malicious code...
Exploit for Deserialization of Untrusted Data in Microsoft
🚀 SharePoint CVE-2025-53770 RCE Vulnerability Checker !Licen...
SUSE-SU-2025:02760-1 Security update for go1.24
This update for go1.24 fixes the following issues: - Update to go1.24.6: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go73800 runtime: RSS seems to have increased in Go 1.24 while the runtime...
SUSE-SU-2025:02759-1 Security update for go1.23
This update for go1.23 fixes the following issues: - Update to go1.23.12: CVE-2025-47906: Fixed LookPath returning unexpected paths bsc1247719 CVE-2025-47907: Fixed incorrect results returned from Rows.Scan bsc1247720 go74415 runtime: use-after-free of allpSnapshot in findRunnable go74693 runtime...
Schneider Electric SESU
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Linux Distros Unpatched Vulnerability : CVE-2021-46985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name' fails, we mus...
Linux Distros Unpatched Vulnerability : CVE-2022-50057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL deref in ntfs_update_mftmirr If ntfs_fill_super wasn't called then sbi->sb wil...