Google Chrome Security Update (stable-channel-update-for-desktop-2025-04) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Update (stable-channel-update-for-desktop-2025-04) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Update (stable-channel-update-for-desktop-2025-04) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Mozilla Firefox ESR Security Update (mfsa_2025-21) - Windows

Mozilla Firefox ESR is prone to an use-after-free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VLC Media Player < 3.0.20 DoS Vulnerability (Apr 2025) - Windows

VLC Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Important: Red Hat Security Advisory: Satellite 6.16.4 Async Update

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2025-31878

Technical details for CVE-2025-31878 are not provided in the connected documents; public details about affected version 2.0.2 and remediation are not present here. Monitor for updates.

Debian: Security Advisory (DLA-4101-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

JVN#87266215: WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization

WordPress plugin "Welcart e-Commerce" provided by Welcart Inc. contains an untrusted data deserialization vulnerability CWE-502. Impact Arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product. Solution Update the plugin Update the plug...

XWiki 1.9 < 15.10.14, 16.x < 16.4.6, 16.5.x < 16.10.0 Authorization Bypass Vulnerability (GHSA-22q5-9phm-744v)

Xwiki is prone to an authorization bypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

Ubuntu: Security Advisory (USN-7399-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA82275 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Security UI vulnerability can be exploited to spoof user interfac...

Apple Safari Security Update (HT122379)

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

WordPress Real Estate 7 Theme <= 3.5.4 is vulnerable to Arbitrary File Upload

Software Real Estate 7 Type Theme Vulnerable versions = 3.5.4 Fixed in 3.5.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-2891 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 22e03f3e7c10 Credits Foxyyy Required privilege Seller...

Debian: Security Advisory (DLA-4095-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4096-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-27001

Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo – A complete shipping solution for WooCommerce pakkelabels-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Shipmondo – A complete shipping solution for WooCommerce: from n/a through =...

CVE-2025-27001

Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo – A complete shipping solution for WooCommerce pakkelabels-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Shipmondo – A complete shipping solution for WooCommerce: from n/a through =...

Mozilla Firefox Security Update (MFSA2025-19) - Windows

Mozilla Firefox is prone to a sandbox escape vulnerability SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Netapp SnapCenter < 6.0p1 / 6.1 < 6.1P1 Privilege Escalation

The version of Netapp SnapCenter installed on the remote host is affected by a privilege escalation vulnerability. SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system...