Google Chrome Security Update (stable-channel-update-for-desktop_15-2025-04) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Ubuntu: Security Advisory (USN-7438-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle MySQL Server 8.4.0, 9.0.0 Security Update (cpuapr2025) - Linux

Oracle MySQL Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Photon OS 4.0: Curl PHSA-2025-4.0-0774

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0774. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Tiki Wiki CMS Groupware < 21.12, 22.0 < 24.8, 25.0 < 27.2, 28.0 < 28.3 Code Injection Vulnerability

Tiki Wiki CMS Groupware is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Zoom Workplace Desktop App < 6.3.0 Heap-Based Buffer Overflow (ZSB-25012)

The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.3.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25012 advisory. - Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via...

KLA82678 SB vulnerability in Mozilla Firefox

Security vulnerability was found in Mozilla Firefox. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories MFSA2025-25 Related products Mozilla-Firefox CVE list CVE-2025-3608 high Solution Update to the latest version Download Mozilla Firefox Impacts ...

SquirrelMail <= 1.4.23, 1.5.x <= 1.5.2 XSS Vulnerability

SquirrelMail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Important: Red Hat Security Advisory: Network Observability 1.8.1 for OpenShift

Network Observability 1.8 for Red Hat OpenShift. Network flows collector and monitoring solution...

Joomla! Authentication Bypass Vulnerability (20250402)

Joomla! is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...

Overcoming Bottlenecks in Homomorphic Encryption for the 2024 Mexican Federal Election

On June 2, 2024, Mexico held its federal elections. The majority of Mexican citizens voted in person at the polls in this historic election. For the first time though, Mexican citizens living outside their country were able to vote online via a web app, either on a personal device or using an...

Windows App Client < 2.0.365.0 RCE Vulnerability (Apr 2025) - Windows

Windows App Client is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian: Security Advisory (DLA-4123-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2025-0132)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4128-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 5.0: Freetype2 PHSA-2025-5.0-0499

An update of the freetype2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0499. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Oracle Linux 7 : freetype (ELSA-2025-3395)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3395 advisory. 2.8-14.0.1.el79.1 - Fix CVE-2025-27363 Out-of-bounds Write Orabug: 37770275CVE-2025-27363 Tenable has extracted the preceding description block directly from th...

Linux Distros Unpatched Vulnerability : CVE-2025-31672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are...

Linux Distros Unpatched Vulnerability : CVE-2025-31344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib:...

Linux Distros Unpatched Vulnerability : CVE-2025-26682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2025-26682 Note that...