TencentOS Server 4: postgresql (TSSA-2025:0170)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0170 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 4: pcs (TSSA-2024:1104)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1104 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

PT-2025-25409 · Totolink · Totolink N600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK N600R version 4.3.0cu.7866 B2022506 Description: A Buffer Overflow issue allows a remote attacker to execute arbitrary code via the UPLOAD FILENAME component. This enables remote code execution. Recommendations: For TOTOLINK N600R...

Photon OS 4.0: Linux PHSA-2025-4.0-0811

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0811. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-46813 affecting package kernel for versions less than 6.6.90.1-1

CVE-2024-46813 affecting package kernel for versions less than 6.6.90.1-1. A patched version of the package is available...

PT-2025-25164 · Unknown · Code-Projects School Fees Payment System

Name of the Vulnerable Software and Affected Versions: code-projects School Fees Payment System version 1.0 Description: A critical issue was found, affecting an unknown functionality, which leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to t...

PT-2025-25067 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...

PT-2025-25139 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could...

PT-2025-25013 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could...

PT-2025-24978 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could...

PT-2025-24996 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could...

PT-2025-24972 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...

PT-2025-25113 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting XSS issue affects the software, allowing an attacker with limited privileges to inject malicious scripts into vulnerable form fields. This could...

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included (CVE-2023-52486 CVE-2023-52881)

Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed CVE-2023-52486 CVE-2023-52881. Vulnerability Details CVEID:CVE-2023-52881 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved:...

CVE-2025-5896

A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-native/src/index.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely...

CVE-2025-5889

A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...

33,000 WordPress Sites Affected by Privilege Escalation Vulnerability in RealHomes WordPress Theme

🌞Spring Into Summer Challenge: Critical Threats = Critical Rewards. 🌞 🔥 Now through August 4, 2025, earn 2X bounty rewards for all in-scope submissions from our'High Threat' list in software with fewer than 5 million active installs. Submit bold. Earn big! 🔥 On May 4th, 2025, we received a...

CVE-2025-48053

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, sending a malicious URL in a PM to a bot user can cause a reduced the availability of a Discourse instance...

Fedora: Security Advisory (FEDORA-2025-15220f1411)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : libvpx (2025-15220f1411)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-15220f1411 advisory. Add patch for double free Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...