Atlassian Jira 9.12.x < 9.12.28 Path Traversal
According to its self-reported version number, the Atlassian Jira application running on the remote host is 9.12.x prior to 9.12.28, 10.3.x prior to 10.3.12 or 11.x prior to 11.1.0. It is, therefore, affected by a path traversal vulnerability. Note that the scanner has not tested for these issues...
CVE-2025-53701
Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users. The vendor did not respond in any way. Only version 1.1.0.1...
CVE-2025-53702
Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not...
Security Updates for Microsoft Word Products C2R (October 2025)
The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instead...
Security Updates for Microsoft Office Products C2R (October 2025)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-59227, CVE-2025-59234 - A denial of...
FreeBSD : Mozilla -- Memory safety bugs (7b9a8247-ab7b-11f0-b961-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b9a8247-ab7b-11f0-b961-b42e991fc52e advisory. [email protected] reports: Some of these bugs showed evidence of memory corruption and we presume th...
SUSE CVE-2023-53631
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak. If a duplicate attribute is found using kset_find_obj, a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobject_put to dispose the...
CVE-2023-53631
CVE-2023-53631: In Linux kernel, platform/x86 dell-sysman reference leak: if kset_find_obj() finds a duplicate attribute, a reference to that attribute can be returned and may not be disposed, potentially leaking references. Patch note: use kobject_put() to dispose the duplicate attribute. Affec...
PT-2025-41075
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A reference leak exists in the Linux kernel's platform/x86/dell-sysman component. When a duplicate attribute is found using the kset_find_obj function, a reference to that attribute is...
EUVD-2025-30773
Malicious code in bioql PyPI...
EUVD-2025-28951
Malicious code in bioql PyPI...
EUVD-2025-26073
Malicious code in bioql PyPI...
CVE-2025-9983
GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only...
CVE-2025-9983 Lack of Authentication for RTSP stream
GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only...
CVE-2025-9983
CVE-2025-9983 affects GALAYOU G2 IP cameras, where RTSP streams can be accessed without valid credentials. The issue arises because default credentials are not required to access streams, and changing them does not affect behavior, indicating an authentication bypass in the RTSP service. Affe...
Mozilla Firefox ESR < 115.28
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.28. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-74 advisory. - Integer overflow in the SVG component. This vulnerability affects Firefox 143, Firefox ESR 115.28, Firefox ESR...
CVE-2022-50321
CVE-2022-50321 corresponds to a Linux kernel wifi flaw in brcmfmac where brcmf_netdev_start_xmit() could leak memory when pskb_expand_head() fails, returning NETDEV_TX_OK without freeing the skb. The fix adds dev_kfree_skb() to properly free skb and was compile-tested; multiple Unity/Linux adviso...
UBUNTU-CVE-2025-39761
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling. Currently, TID is not decremented before peer cleanup, during error handling path of ath12k_dp_rx_peer_frag_setup. This could lead to out-of-bounds access in peer->rx_tid...
UBUNTU-CVE-2025-39750
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails. Currently, if any error occurs during ath12k_dp_rx_peer_tid_setup, the tid value is already incremented, even though the corresponding TID is not actually allocated. Proceed to...
Fedora 41 : loupe (2025-458d5882a1)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-458d5882a1 advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...