121 matches found
CVE-2025-50081
Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2025-50083
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
Node.js 20.x < 20.19.4 / 22.x < 22.17.1 / 24.x < 24.4.1 Multiple Vulnerabilities (Tuesday, July 15, 2025 Security Releases).
The version of Node.js installed on the remote host is prior to 20.19.4, 22.17.1, 24.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, July 15, 2025 Security Releases advisory. - The V8 release used in Node.js v24.0.0 has changed how string hashes are...
Splunk Enterprise 9.1.0 < 9.1.9, 9.2.0 < 9.2.6, 9.3.0 < 9.3.5, 9.4.0 < 9.4.2 (SVD-2025-0708)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0708 advisory. - In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103,...
PHP 8.3.x < 8.3.23 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.3.23. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.23 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
CGA-M8C4-WGH3-CG5X
Bulletin has no description...
Slackware Linux 15.0 / current xorg-server Multiple Vulnerabilities (SSA:2025-168-01)
The version of xorg-server installed on the remote host is prior to 1.20.14 / 21.1.17 / 21.1.4 / 24.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-168-01 advisory. New xorg-server packages are available for Slackware 15.0 and -current to fix security...
GitLab 17.9 < 17.10.8 / 17.11 < 17.11.4 / 18.0 < 18.0.2 (CVE-2025-5195)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. It was possible for authenticated users to access arbitrary...
Adobe InDesign < 19.5.4 / 20.0 < 20.3.0 Multiple Vulnerabilities (APSB25-53)
The version of Adobe InDesign installed on the remote Windows host is prior to 19.5.4, 20.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-53 advisory. - InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write...
RHEL 9 : .NET 8.0 (RHSA-2025:7603)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7603 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
CVE-2024-25510
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/addresspublicshow.aspx...
CVE-2020-5829
Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...
CVE-2017-1002157
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution...
CVE-2025-22872 affecting package kubevirt for versions less than 0.59.0-28
CVE-2025-22872 affecting package kubevirt for versions less than 0.59.0-28. A patched version of the package is available...
PT-2025-17087 · Event Espresso · Event Espresso – Custom Email Template Shortcode
Name of the Vulnerable Software and Affected Versions: Event Espresso – Custom Email Template Shortcode versions 1.0.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in...
CVE-2025-32534 WordPress Workbox Video from Vimeo & Youtube Plugin Plugin <= 3.2.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Workbox Workbox Video from Vimeo & Youtube workbox-video-from-vimeo-youtube-plugin allows Reflected XSS.This issue affects Workbox Video from Vimeo & Youtube: from n/a through = 3.2.2...
Important: php8.3
Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-rwp7-7vc6-8477 https://www.tenable.com/cve/CVE-2024-11235 Version This vulnerability is present only in PHP 8.3+. The PHP 8.2 and versions before are not impacted. CVE-2024-11235 Header parser of http stream wrapper doe...
CVE-2024-51744 affecting package influxdb for versions less than 2.6.1-22
CVE-2024-51744 affecting package influxdb for versions less than 2.6.1-22. A patched version of the package is available...
GHSA-WXPC-2674-RXVW Feast Cross-Origin Resource Sharing vulnerability
A Cross-Origin Resource Sharing CORS vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security...
CVE-2024-48873 affecting package kernel for versions less than 6.6.76.1-1
CVE-2024-48873 affecting package kernel for versions less than 6.6.76.1-1. An upgraded version of the package is available that resolves this issue...