Fedora: Security Advisory (FEDORA-2025-31830e02b0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-eef56e1ee1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

D-Link DIR-867 Buffer Overflow Vulnerability (Jun 2025)

D-Link DIR-867 devices are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora: Security Advisory (FEDORA-2025-4fed640c91)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-b434717c22)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5946-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LiSec-RTF: Reinforcing RPL Resilience against Routing Table Falsification Attack in 6LoWPAN

Routing Protocol for Low-Power and Lossy Networks RPL is an energy-efficient routing solution for IPv6 over Low-Power Wireless Personal Area Networks 6LoWPAN, recommended for resource-constrained devices. While RPL offers significant benefits, its security vulnerabilities pose challenges,...

Fedora 42 : mingw-python-setuptools (2025-db489d66e3)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-db489d66e3 advisory. Update to 78.1.1, fixes CVE-2025-47273. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

CVE-2025-38064

In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on deviceshutdown Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region 'null', reason: rejected...

CVE-2025-52557 Mail-0 Zero Session Hijacking Via Email

Mail-0's Zero is an open-source email solution. In version 0.8 it's possible for an attacker to craft an email that executes javascript leading to session hijacking due to improper sanitization. This issue has been patched in version 0.81...

ImpReSS: Implicit Recommender System for Support Conversations

Following recent advancements in large language models LLMs, LLM-based chatbots have transformed customer support by automating interactions and providing consistent, scalable service. While LLM-based conversational recommender systems CRSs have attracted attention for their ability to enhance th...

CVE-2025-49987

Missing Authorization vulnerability in WPFactory CRM ERP Business Solution crm-erp-business-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CRM ERP Business Solution: from n/a through = 1.13...

CVE-2025-49987 WordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WPFactory CRM ERP Business Solution crm-erp-business-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CRM ERP Business Solution: from n/a through = 1.13...

PT-2025-26355 · Wpfactory · Wpfactory Crm Erp Business Solution

Name of the Vulnerable Software and Affected Versions: WPFactory CRM ERP Business Solution versions 1.13 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For...

Python DoS Vulnerability (Jun 2025) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python DoS Vulnerability (Jun 2025) - Windows

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python DoS Vulnerability (Jun 2025) - Mac OS X

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

CVE-2025-47771

PowSyBl Core versions 6.3.0–6.7.1 contain a deserialization issue in SparseMatrix.read(InputStream) that can lead to privilege escalations under various circumstances. The root cause is a vulnerability in how SparseMatrix is deserialized, enabling untrusted input to affect system state. A fix is ...

CVE-2025-48886

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...

CVE-2025-48886 hydra-node dangerously assumes L1 event finality and does not consider failed transactions

Hydra is a layer-two scalability solution for Cardano. Prior to version 0.22.0, the process assumes L1 event finality and does not consider failed transactions. Currently, Cardano L1 is monitored for certain events which are necessary for state progression. At the moment, Hydra considers those...