124 matches found
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
PT-2026-7269
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 SU5 Description: A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database through this flaw. Recommendations...
EUVD-2023-29714
Malicious code in bioql PyPI...
iMonitor EAM security vulnerability
iMonitor EAM is an employee computer network activity monitoring software from iMonitor USA. A security vulnerability exists in iMonitor EAM version 9.6394, which stems from an insecure system service update mechanism that could lead to elevated privileges...
Service Update 1.39 for Microsoft Dynamics CRM (on-premises) 9.1
Service Update 1.39 for Microsoft Dynamics CRM on-premises 9.1 Introduction Service Update 9.1.39 for Microsoft Dynamics CRM on-premises 9.1 is now available. This article describes the hotfixes and updates that are included in Service Update 9.1.39.04 More information Update package| Version...
Service Update 1.38 for Microsoft Dynamics CRM (on-premises) 9.1
Service Update 1.38 for Microsoft Dynamics CRM on-premises 9.1 Introduction Service Update 9.1.38 for Microsoft Dynamics CRM on-premises 9.1 is now available. This article describes the hotfixes and updates that are included in Service Update 9.1.38.10 More information Update package| Version...
Linux Distros Unpatched Vulnerability : CVE-2022-23538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services SCS Container Library Service. When the scs-library-client is used ...
Azure Linux 3.0 Security Update: qt5-qtbase / qtbase (CVE-2025-5455)
The version of qt5-qtbase / qtbase installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5455 advisory. - An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in...
Advisory ROSA-SA-2025-2947
software: libsoup 3.2.1 OS: ROSA-CHROME unaffected versions = libsoup-3.2.1-2 affected versions libsoup-3.2.1-2 CVE-ID: CVE-2025-32913 BDU-ID: 2025-06242 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the soup_message_headers_get_content_disposition function of the GNOME GUI libsoup library is related t...
PT-2025-31943 · Fpdi +1 · Fpdi +1
Name of the Vulnerable Software and Affected Versions: FPDI versions 2.6.2 and below Description: FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. A malicious PDF file can cause a server-side script to crash due to...
PT-2025-29651
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.0 through 8.0.42 Oracle MySQL versions 8.4.0 through 8.4.5 Oracle MySQL versions 9.0.0 through 9.3.0 Description: This issue affects the Optimizer component of Oracle MySQL Server. A highly privileged attacker with...
PT-2025-29251
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 21.2R3-S9 Juniper Networks Junos OS versions 21.4 prior to 21.4R3-S11 Juniper Networks Junos OS versions 22.2 prior to 22.2R3-S7 Juniper Networks Junos OS versions 22.4 prior to 22.4R3-S6 Juniper...
PT-2025-28786 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Illustrator versions 28.7.6 and earlier Illustrator version 29.5.1 Description: Illustrator is susceptible to a NULL Pointer Dereference issue that may result in application denial-of-service. An attacker could exploit this issue to crash the...
PT-2025-28221 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.3.0 Description: The WeGIA server has a vulnerability that allows excessively long HTTP GET requests to a specific URL, resulting from the lack of validation for the length of the fid parameter. This issue can cause...
Important: mod_security
Issue Overview: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json,...
Important: libsoup
Issue Overview: A flaw was found in the soup_multipart_new_from_message function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...
Important: libsoup3
Issue Overview: A flaw was found in the soup_multipart_new_from_message function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper...
Mozilla Firefox Security Update (mfsa_2025-42) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. CPE = "cpe:/a:mozilla:firefox";...
Security update for s390-tools
This update for s390-tools fixes the following issues: CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242622 Amended the .spec file Updated the 'service' file Removed the obsolete file 'cargoconfig' Updated 'cputype' and...
CVE-2025-47291
CVE-2025-47291 concerns containerd’s CRI: versions 2.0.1–2.0.4 do not place usernamespaced containers under the Kubernetes cgroup hierarchy, which may cause Kubernetes limits to not be honored and could lead to node denial of service. The issue is fixed in containerd 2.0.5+ and 2.1.0+. Remediatio...