Google Chrome Security Update (stable-channel-update-for-desktop_29-2025-04) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

The Planted Orthogonal Vectors Problem

In the $k$-Orthogonal Vectors $k$-OV problem we are given $k$ sets, each containing $n$ binary vectors of dimension $d=n^o1$, and our goal is to pick one vector from each set so that at each coordinate at least one vector has a zero. It is a central problem in fine-grained complexity, conjectured...

IBM Sterling Connect:Direct Web Services Code Issue Vulnerability

IBM Sterling Connect:Direct Web Services is a file-based, peer-to-peer file transfer solution from International Business Machines IBM. A code issue vulnerability exists in IBM Sterling Connect:Direct Web Services that stems from a browser closing without disabling the session, no details of the...

Pydio Core End of Life (EOL) Detection

The Pydio Core version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Pydio Core <= 8.2.5 XSS Vulnerability

Pydio Core is prone to a cross-site scripting XSS vulnerability via the New URL Bookmark feature. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Google Chrome Security Update (stable-channel-update-for-desktop_29-2025-04) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

WordPress NewsBlogger Theme <= 0.2.5.1 is vulnerable to Arbitrary File Upload

Software NewsBlogger Type Theme Vulnerable versions = 0.2.5.1 Fixed in 0.2.5.2 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-1304 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 233ab859c905 Credits CVEhunter Required privilege Subscriber...

Debian: Security Advisory (DLA-4142-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Thunderbird Security Update (mfsa_2025-31) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Google Chrome Security Update(stable-channel-update-for-desktop_29-2025-04) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Fedora: Security Advisory (FEDORA-2025-8445f115f6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MSP360 Backup insecure filesystem permissions

RISK EVALUATION MSP360 Backup is a data backup and recovery solution. An insecure default permissions vulnerability allows a lower privileged user to execute commands with root level privileges in the 'Online Backup' folder. An attacker could exploit this vulnerability to obtain user...

CVE-2025-30194

When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access double-free and crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.9 version. A...

Apache Tomcat DoS Vulnerability (Apr 2025) - Linux

Apache Tomcat is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat"; ...

dnsdist -- Denial of service via crafted DoH exchange

[email protected] reports: When DNSdist is configured to provide DoH via the nghttp2provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access double-free and crash of DNSdist, causing a denial of service. The remedy is: upgrade t...

Fedora: Security Advisory (FEDORA-2025-3e26fc9217)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibreOffice Improper Verification of Cryptographic Signature Vulnerability (Apr 2025) - Mac OS X

LibreOffice is prone to an improper verification of cryptographic signature vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

CVE-2025-31328

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

Debian: Security Advisory (DLA-4137-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-2280949271)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...