GitLab 12.0 < 17.9.8 / 17.10 < 17.10.6 / 17.11 < 17.11.2 (CVE-2025-1278)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access...

WordPress Frontend Login and Registration Blocks plugin <= 1.1.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Frontend Login and Registration Blocks versions = 1.1.1...

KLA83544 DoS vulnerability in PostgreSQL

Buffer over-read vulnerability was found in PostgreSQL. Malicious users can exploit this vulnerability to cause denial of service. Original advisories PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation Related products PostgreSQL CVE lis...

Ubuntu: Security Advisory (USN-7501-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibreOffice Improper Validation of Array Index vulnerability (May 2025) - Windows

LibreOffice is prone to an improper validation of array index vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RLSA-2024:6964 Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

SAP Learning Solution Cross-Site Request Forgery Vulnerability

SAP Learning Solution is an enterprise-wide learning management system from SAP. SAP Learning Solution suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. An attacker could explo...

Ubuntu: Security Advisory (USN-7491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 8 : emacs (RLSA-2025:1917)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1917 advisory. emacs: Shell Injection Vulnerability in GNU Emacs via Custom man URI Scheme CVE-2025-1244 Tenable has extracted the preceding description block directly from the...

Moderate: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Photon OS 5.0: Emacs PHSA-2025-5.0-0512

An update of the emacs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0512. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Unsecured Authentication Attempt Detected (Low)

A server allow for authentication using credentials in an unencrypted manner over unencrypted channel. Such credentials might be revealed to an attacker intercepting this traffic and used to gain access to data on the server. This plugin only works with Tenable.ot. Please visit...

Fedora: Security Advisory (FEDORA-2025-858cec7479)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-b1804b97fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-f68a9b835d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-53083 nfsd: don't replace page in rq_pages if it's a continuation of last page

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't replace page in rqpages if it's a continuation of last page The splice read calls nfsdspliceactor to put the pages containing file data into the svcrqst-rqpages array. It's possible however to get a splice result that...

WordPress Custom Login and Registration plugin <= 1.0.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Custom Login and Registration versions = 1.0.0...

Debian: Security Advisory (DSA-5913-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Discourse 3.5.x < 3.5.0.beta3 DM Limit Bypass Vulnerability

Discourse is prone to a DM limit buypass vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...

Ubuntu: Security Advisory (USN-7473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...