HoneyDB
CISA Advisories
US-CERT
FullDisclosure
[KIS-2025-08] 1C-Bitrix <= 25.100.500 (Translate Module) Remote Code Execution Vulnerability
[KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality.
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area
nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality
Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
APPLE-SA-12-12-2025-9 Safari 26.2
APPLE-SA-12-12-2025-8 visionOS 26.2
US CERT Weekly
Open Source Security
[kubernetes] CVE-2025-14269: Credential caching in Headlamp with Helm enabled
WebKitGTK and WPE WebKit Security Advisory WSA-2025-0010
Re: [CVE-2025-14282] dropbear: privilege escalation via unix domain socket forwardings
[CVE-2025-14282] dropbear: privilege escalation via unix domain socket forwardings
CVE-2025-67895: Apache Airflow Providers Edge3: Edge3 Worker RPC RCE on Airflow 2
Dropbear 2025.89 fixes privilege escalation, CVE-2025-14282
XXE vulnerabilities in electronic invoicing software (Kivitendo, peppol-py, ZUV)
uriparser 1.0.0 fixes CVE-2025-67899 (DoS, CWE-674)
additional React vulnerabilities (CVE-2025-55183, CVE-2025-55184, CVE-2025-67779)
Re: Update: CVE-2025-67896: EXIM-Security-2025-12-09.1: Exim 4.99: Remote heap corruption
© 2025 RiskDiscovery | Sponsored by: Deception Logic