Fedora 43 : gdu (2025-709790fda7)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-709790fda7 advisory. Update to 5.32.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

CVE-2023-23941

SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...

PT-2024-34362 · Unknown · Ironman Powershell Universal

Name of the Vulnerable Software and Affected Versions: Ironman PowerShell Universal versions prior to 5.0.12 Description: The issue allows an authenticated attacker to elevate their privileges and view job information. Recommendations: For versions prior to 5.0.12, update to version 5.0.12 or lat...

PT-2024-37600 · Yordam Information Technology · Yordam Information Technology Mobile Library Application

Name of the Vulnerable Software and Affected Versions: Yordam Information Technology Mobile Library Application versions prior to 5.0 Description: The issue allows exposure of sensitive information to an unauthorized actor, enabling the retrieval of embedded confidential information...

PT-2022-27079 · Unknown · Simmeth Lieferantenmanager

Name of the Vulnerable Software and Affected Versions: Simmeth Lieferantenmanager versions prior to 5.6 Description: An issue was discovered that allows an attacker to download arbitrary files from the web server by abusing an API call to "/DS/LM API/api/ConfigurationService/GetImages" with an...

PT-2022-34773 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: A percpu memory leak was discovered in the nf tables module at the nf tables addchain function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

PT-2022-22656 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5 Description: A information disclosure issue exists where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the user's access permission...

PT-2021-24068 · WordPress +1 · Wordpress +1

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.8 Description: The issue makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming...