CVE-2026-10735

CVE-2026-10735 concerns a supply‑chain compromise of ShapedPlugin Pro plugins (Product Slider Pro for WooCommerce, Real Testimonials Pro, Smart Post Show Pro) delivered via the vendor update server. Technical details show a stage 1 loader in src/Includes/LicenseLoader.php that runs on admin init ...

SUSE-SU-2026:1723-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: - CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects bsc1263819...

Fedora: Security Advisory (FEDORA-2026-7a9c0c8c04)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 7 : linux-firmware-20170606-58.gitc990aae.el7 (AXSA:2018-2517:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2517:02 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. This update supersedes microcode provided by...

CVE-2025-23362

The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. When an image is rendered and crafted EXIF meta data is processed, an arbitrary script may be executed on the web browser. Versions 2.3.2 and 2.4.0 were reported as...

OPENSUSE-SU-2025:20128-1 Security update for shadowsocks-v2ray-plugin, v2ray-core

This update for shadowsocks-v2ray-plugin, v2ray-core fixes the following issues: Changes in shadowsocks-v2ray-plugin: - Update version to 5.25.0 Update v2ray-core to v5.25.0 - Add update-vendor.patch, update v2ray-core to v5.33.0 boo1243954 and CVE-2025-297850 Changes in v2ray-core: - Fix...

Kiwire Captive Portal contains 3 web vulnerabilities

Overview The Kiwire Captive Portal, provided by SynchroWeb, is an internet access gateway intended for providing guests internet access where many users will want to connect. Three vulnerabilities were discovered within the product, including SQL injection, open redirection, and cross site...

CVE-2025-10568 HyperX NGENUITY - Arbitrary Code Execution

HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing updated software to address the potential vulnerability...

Microsoft Excel 2016 Multiple RCE Vulnerabilities (KB5002782)

This host is missing an important security update according to Microsoft KB5002782 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Intel® Xeon® 6 Processor Firmware Advisory

Summary: Potential security vulnerabilities for some Intel® Xeon® 6 Processors when using Intel® Software Guard Extensions Intel® SGX or Intel® Trust Domain Extensions Intel® TDX may allow escalation of privilege. Intel is releasing microcode updates to mitigate these potential vulnerabilities...

CVE-2025-8963

A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely...

Intel® Xeon® 6 Processor with Intel® TDX Advisory

Summary: A potential security vulnerability in some Intel® Xeon® 6 processor with Intel® Trust Domain Extensions Intel® TDX may allow escalation of privilege. Intel is releasing a microcode update to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-22889 Description:...

Intel® Xeon® 6 Scalable Processors Advisory

Summary: A potential security vulnerability in Intel® Xeon® 6 Scalable processors may allow escalation of privilege. Intel is releasing a microcode update to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-22840 Description: Sequence of processor instructions leads t...

Python Multiple Vulnerabilities (Jun 2025) - Windows

Python is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2022-49709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can...

Linux Distros Unpatched Vulnerability : CVE-2024-38606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qat - validate slices count returned by FW The function adfsendadmintlstart enables...

Linux Distros Unpatched Vulnerability : CVE-2018-19543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2decode in libjasper/jp2/jp2dec.c. CVE-2018-19543...

Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J

Overview A command injection vulnerability has been identified in the Wi-Fi Test Suite, a tool developed by the WiFi Alliance, which has been found deployed on Arcadyan routers. This flaw allows an unauthenticated local attacker to exploit the Wi-Fi Test Suite by sending specially crafted packets...

SUSE-SU-2024:3186-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: CVE-2024-3727 updates bsc1224117 Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3: correctly configure /etc/hosts and resolv.conf buildah: refactor resolv/hosts setup. rename...

SUSE-SU-2024:3151-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: Bump to Buildah v1.35.4 CVE-2024-3727 updates bsc1224117 integration test: handle new labels in 'bud and test --unsetlabel' Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3:...