
20091 matches found

Vulnrichment
added 2025/10/25 3:39 p.m. | 3 views

CVE-2025-12217 SNMP Default Community String (public)

SNMP Default Community String public. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

CVSS 6.9 | AI score 6.6 | EPSS 0.00046
Exploits: 0 | References: 1
Positive Technologies
added 2025/10/25 12:0 a.m. | 4 views

PT-2025-43732

Name of the Vulnerable Software and Affected Versions: BLU-IC2 versions through 1.19.5; BLU-IC4 versions through 1.19.5. Description: The firmware uses a default SNMP community string, specifically 'public'. This allows unauthorized access to device information and potential modification of settings...

CVSS 6.9 | AI score 6.4 | EPSS 0.00046
Exploits: 0 | References: 6
Tenable Nessus
added 2025/10/25 12:0 a.m. | 3 views

Fedora 43 : gi-docgen (2025-86cf4f2eed)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-86cf4f2eed advisory. gi-docgen 2025.5 - 2025-10-11 This is a security fix for CVE-2025-11687. The severity of this issue depends on what else is hosted on the same domain as the...

CVSS 6.1 | AI score 5.5 | EPSS 0.00007
Exploits: 0 | References: 2
RedhatCVE
added 2025/10/24 10:38 p.m. | 3 views

CVE-2025-62254

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5 | AI score 6.9 | EPSS 0.00231
Exploits: 0 | References: 1
OSV
added 2025/10/24 12:30 a.m. | 2 views

GHSA-Q95H-87J6-273X Liferay Portal ComboServlet denial of service via large file combination

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5 | AI score 6.9 | EPSS 0.00231
Exploits: 0 | References: 8
Github Security Blog
added 2025/10/24 12:30 a.m. | 3 views

Liferay Portal ComboServlet denial of service via large file combination

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5 | AI score 6.9 | EPSS 0.00231
Exploits: 0 | References: 8 | Affected Software: 1
Tenable Nessus
added 2025/10/24 12:0 a.m. | 4 views

Debian dsa-6037 : openjdk-21-dbg - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6037 advisory. Debian Security Advisory DSA-6037-1 [email protected] https://www.debian.org/securit...

CVSS 7.5 | AI score 7.3 | EPSS 0.00068
Exploits: 0 | References: 8
Tenable Nessus
added 2025/10/24 12:0 a.m. | 2 views

EulerOS 2.0 SP13 : glib2 (EulerOS-SA-2025-2257)

According to the versions of the glib2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar function. When the position at which to insert the...

CVSS 4.8 | AI score 6.7 | EPSS 0.00742
Exploits: 0 | References: 2
OSV
added 2025/10/23 11:15 p.m. | 3 views

CVE-2025-62254

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5 | AI score 6.5 | EPSS 0.00231
Exploits: 0 | References: 1
NVD
added 2025/10/23 11:15 p.m. | 3 views

CVE-2025-62254

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 7.5 | EPSS 0.00231
Exploits: 0 | References: 1
Cvelist
added 2025/10/23 10:16 p.m. | 4 views

CVE-2025-62254

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...

CVSS 6.9 | EPSS 0.00231
Exploits: 0 | References: 1
SUSE CVE
added 2025/10/22 11:59 p.m. | 1 view

SUSE CVE-2023-53729

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode. The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LEN + 1 length, this wil...

CVSS 6.5 | AI score 6.5 | EPSS 0.00044
Exploits: 0 | References: 15
Snyk
added 2025/10/22 10:43 p.m. | 1 view

Predictable Seed in Pseudo-Random Number Generator (PRNG)

Overview: Affected versions of this package are vulnerable to Predictable Seed in Pseudo-Random Number Generator (PRNG) via the use of RandomStringUtils with the default java.util.Random PRNG. An attacker can recover sensitive information by predicting the server-side encryption key if they can obta...

CVSS 5.9 | AI score 6.7 | EPSS 0.00026
Exploits: 0 | References: 2
Hacker One
added 2025/10/22 9:30 p.m. | 15 views

curl: Use of Deprecated strcpy() with User-Controlled Environment Variable in Memory Debug Initialization

Discovery Method Step 1: Initial Security Scan Find all files using dangerous string functions find src/ -name ".c" -exec grep -l "strcpy|strcat|sprintf|gets" ; OUTPUT: src/toolprogress.c src/toolmain.c Step 2: Locate Vulnerable Code in Main.c Find exact strcpy usage in toolmain.c grep -n...

AI score 7.8
Exploits: 0
RedHat Linux
added 2025/10/22 7:48 p.m. | 2 views

Moderate: Red Hat Security Advisory: OpenJDK 21.0.9 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

CVSS 7.5 | AI score 6.7 | EPSS 0.00068
Exploits: 0 | References: 2
EUVD
added 2025/10/22 5:8 p.m. | 2 views

EUVD-2025-35610

ncurses exposes uninitialized memory in string reading functions...

AI score 6.4
Exploits: 0 | References: 3
OSV
added 2025/10/22 5:8 p.m. | 0 views

GHSA-X77X-7MMH-CXV3 ncurses exposes uninitialized memory in string reading functions

Multiple string reading functions expose uninitialized memory by setting length to capacity when no null terminator is found. This allows reading uninitialized memory which may contain sensitive data from previous allocations. The ncurses-rs repository is archived and unmaintained...

CVSS 6.9 | AI score 5.9
Exploits: 0 | References: 3
Github Security Blog
added 2025/10/22 5:8 p.m. | 3 views

ncurses exposes uninitialized memory in string reading functions

Multiple string reading functions expose uninitialized memory by setting length to capacity when no null terminator is found. This allows reading uninitialized memory which may contain sensitive data from previous allocations. The ncurses-rs repository is archived and unmaintained...

AI score 6.9
Exploits: 0 | References: 3 | Affected Software: 1
EUVD
added 2025/10/22 3:31 p.m. | 3 views

EUVD-2023-60026

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 "crypto: s390 - add crypto library interface for ChaCha20" added a library interface to the s390 specific ChaCha20 implementation. However no...

AI score 4.7 | EPSS 0.00024
Exploits: 0 | References: 4
OSV
added 2025/10/22 2:15 p.m. | 3 views

DEBIAN-CVE-2023-53729

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode. The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LEN + 1 length, this wil...

AI score 5.3 | EPSS 0.00044
Exploits: 0 | References: 1