Debian: Security Advisory (DLA-4135-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GIMP Buffer Overflow Vulnerability (Apr 2025) - Windows

GIMP is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gimp:gimp"; ifdescription...

PT-2025-17702 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.10 Mattermost versions 10.4.x through 10.4.2 Mattermost versions 10.5.x through 10.5.0 Description: The issue arises from the failure to properly validate the props used by the RetrospectivePost custom...

Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE

Lattica’s cloud-based solution uses Fully Homomorphic Encryption to query encrypted data on AI models without decrypting it, preserving privacy and bolstering security...

CVE-2025-42603 Information Disclosure Vulnerability in Meon KYC solutions

This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in plain text within the response payloads of certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting API response that contains unencrypted sensitive...

Google Chrome Security Update (stable-channel-update-for-desktop_22-2025-04) - Mac OS X

Google Chrome is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

The vulnerability of the SAP Solution Manager platform, related to deficiencies in the authentication process, allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the SAP Solution Manager platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to compromise the confidentiality of the protected information...

7-Zip Multiple Vulnerabilities (Apr 2025) - Windows

7zip is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:7-zip:7-zip"; ifdescription...

NodeBB < 4.0.5 Multiple Vulnerabilities

NodeBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb"; ifdescription...

CVE-2025-31328

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

CVE-2025-31328 Cross-Site Request Forgery (CSRF) vulnerability in SAP S/4 HANA (Learning Solution)

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

SAP Learning Solution 跨站请求伪造漏洞

SAP Learning Solution is an enterprise-wide learning management system from SAP. SAP Learning Solution suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. An attacker could explo...

PT-2025-17589 · Sap · Sap Learning Solution

Name of the Vulnerable Software and Affected Versions: SAP Learning Solution affected versions not specified Description: The issue allows an attacker to trick an authenticated user into sending unintended requests to the server through Cross-Site Request Forgery CSRF. A GET-based OData function ...

Debian: Security Advisory (DLA-4133-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4134-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-32956 ManageWiki has SQL injection vulnerability in NamespaceMigrationJob

ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix namespace name, which is the current namespace you are renaming with an injection...

Debian: Security Advisory (DSA-5906-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5903-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-e6f5710dba)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SAP Solution Manager Directory Traversal Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as a system management platform. A directory traversal vulnerability exists in SAP Solution Manager, which stems from a lack of validity checkin...