7.5
CVE-2025-59148 - Suricata's improper use of entropy keyword can lead to a NULL-ptr deref
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed …
7.5
CVE-2025-59147 - Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with…
4.3
CVE-2025-58055 - Discourse AI Suggestions Contain Insecure Direct Object Reference
Discourse is an open-source community discussion platform. In versions 3.5.0 and below, the Discourse AI suggestion endpoints for topic “Title”, “Category”, and “Tags” allowed authenticated users to extract information about topics that they weren’t authorized to access. By modifying the “topic_id”…
5.8
CVE-2025-10578 - HP Support Assistant - Potential Escalation of Privilege
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.47.41.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
3.5
CVE-2025-58054 - Discourse is vulnerable to XSS when quoting chat messages
Discourse is an open-source community discussion platform. Versions 3.5.0 and below are vulnerable to XSS attacks through parsing and rendering of chat channel titles and chat thread titles via the quote message functionality when using the rich text editor. This issue is fixed in version 3.5.1.
0.0
CVE-2025-61855 -
Not used
0.0
CVE-2025-61851 -
Not used
0.0
CVE-2025-61853 -
Not used
0.0
CVE-2025-61854 -
Not used
0.0
CVE-2025-61852 -
Not used