FreeBSD : unit-java -- security vulnerability (f6ca7c47-9190-11f0-b8da-589cfc10a551)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f6ca7c47-9190-11f0-b8da-589cfc10a551 advisory. F5 reports: When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to a...

DEBIAN-CVE-2025-39739

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...

CVE-2025-39739

The CVE-2025-39739 issue is a Linux kernel iommu/arm-smmu-qcom vulnerability that was resolved by adding SM6115 MDSS compatibility to the MDSS clients list to apply the needed workaround. The described impact includes unhandled SMMU context faults during boot on QRB4210 RB2 (SM4250/SM6115) and re...

Linux Distros Unpatched Vulnerability : CVE-2018-16809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and...

Linux Distros Unpatched Vulnerability : CVE-2017-0307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the...

Linux Distros Unpatched Vulnerability : CVE-2017-18212

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the litreadcodeunitfromhex function in lit/lit-char-helpers.c via a...

CVE-2025-10172

A flaw has been found in UTT 750W up to 3.2.2-191225. This issue affects some unknown processing of the file /goform/formPictureUrl. Executing manipulation of the argument importpictureurl can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be...

CVE-2025-10065

A weakness has been identified in itsourcecode POS Point of Sale System 1.0. Impacted is an unknown function of the file /inventory/main/vendors/datatables/unittesting/templates/domdatath.php. This manipulation of the argument scripts causes cross site scripting. The attack is possible to be...

CVE-2025-10064

A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue affects some unknown processing of the file /inventory/main/vendors/datatables/unittesting/templates/domdatatwoheaders.php. The manipulation of the argument scripts results in cross site scripting. The...

POS Point of Sale System 6776.php File Cross-Site Scripting Vulnerability

POS Point of Sale System is a pos point of sale system. POS Point of Sale System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the scripts parameter of the...

CVE-2023-31365

An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability...

CVE-2023-31351

Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity...

CVE-2025-10060

MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0...

iio: imu: bno055: fix OOB access of hw_xlate array

...

CVE-2025-10067

CVE-2025-10067 affects itsourcecode POS Point of Sale System 1.0. The vulnerability exists in the file /inventory/main/vendors/datatables/unit_testing/templates/empty_table.php where manipulating the scripts argument leads to cross-site scripting. The issue can be exploited remotely and, per mult...

CVE-2025-10066

A security vulnerability has been detected in itsourcecode POS Point of Sale System 1.0. The affected element is an unknown function of the file /inventory/main/vendors/datatables/unittesting/templates/dymanictable.php. Such manipulation of the argument scripts leads to cross site scripting. The...

CVE-2025-10066

CVE-2025-10066 affects itsourcecode POS Point of Sale System 1.0. The vulnerability is an XSS in an unknown function within /inventory/main/vendors/datatables/unit_testing/templates/dymanic_table.php caused by improper handling of the scripts argument. This could allow remote attackers to execute...

CVE-2025-10063

A vulnerability was identified in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unittesting/templates/deferredtable.php. The manipulation of the argument scripts leads to cross site scripting. Remote exploitation ...

CVE-2024-36346

CVE-2024-36346 concerns AMD Power Management Firmware (PMFW). The issue is caused by improper input validation , enabling a privileged attacker from a Guest VM to send arbitrary input data and potentially induce a GPU reset . The CVSSv3.1 metrics (AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H) indicate a l...

CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...