ROOT-OS-UBUNTU-2204-CVE-2025-38345 CVE-2025-38345 in rootio-linux - Patched by Root

Root has patched CVE-2025-38345 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-23148 CVE-2025-23148 in rootio-linux - Patched by Root

Root has patched CVE-2025-23148 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

CVE-2025-15558

A flaw was found in Docker CLI for Windows. A low-privileged attacker can exploit this vulnerability by creating a specific directory, C:\ProgramData\Docker\cli-plugins, which does not exist by default. By placing malicious plugin binaries in this directory, an attacker can achieve privilege...

DEBIAN-CVE-2025-68802

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...

SUSE CVE-2025-68937

Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...

CVE-2025-12562

creationtimestamp| type| source ---|---|--- 2025-12-11 15:25:32+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3m7pv2q3ouq2z...

CVE-2025-63059 WordPress Ninja Popups plugin <= 4.7.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in arscode Ninja Popups arscode-ninja-popups allows Stored XSS.This issue affects Ninja Popups: from n/a through = 4.7.8...

CVE-2025-40936

creationtimestamp| type| source ---|---|--- 2025-11-17 13:41:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5te34vmhp2b 2025-12-09 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1042/ 2026-02-12 11:00:00+00:00| seen|...

DEBIAN-CVE-2025-43430

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

DEBIAN-CVE-2025-39876

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

CVE-2025-2416

creationtimestamp| type| source ---|---|--- 2025-09-03 14:39:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxwue45i5r2r...

Fedora 41 : mod_auth_openidc (2025-be0c6f25ce)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-be0c6f25ce advisory. Rebase to new version resolves CVE-2025-31492 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

CVE-2025-9184

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

CVE-2025-43237

creationtimestamp| type| source ---|---|--- 2025-07-30 15:46:27+00:00| seen| Telegram/61umvAkzXo26nTcPueXlmsGiR95z5slebSbIJYD4EfkfxrQ...

CVE-2025-4976

An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under certain circumstances, could have allowed an attacker to access internal notes in GitLab Duo responses...

CVE-2025-38245

In the Linux kernel, the following vulnerability has been resolved: atm: Release atmdevmutex after removing procfs in atmdevderegister. syzbot reported a warning below during atmdevregister. 0 Before creating a new device and procfs/sysfs for it, atmdevregister looks up a duplicated device by...

GHSA-F9P8-GJR4-J9GX

creationtimestamp| type| source ---|---|--- 2025-06-17 11:22:14+00:00| seen| https://seclists.org/oss-sec/2025/q2/258...

Linux Distros Unpatched Vulnerability : CVE-2016-5624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. CVE-2016-5624...

CVE-2025-22706

creationtimestamp| type| source ---|---|--- 2025-01-21 14:16:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb254mppz2t 2025-01-21 16:08:09+00:00| seen| https://t.me/cvedetector/15971...

CVE-2019-20074

creationtimestamp| type| source ---|---|--- 2024-03-18 10:11:53+00:00| seen| https://t.me/ctinow/210333 2025-05-11 21:02:16+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lowe3tv3dz2n 2025-08-01 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities -...