454 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-38978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths. CVE-2026-38978 Note that Nessus relies ...
UBUNTU-CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness i...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-49009
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal...
CVE-2026-33552
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control...
CVE-2026-49009
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal...
CVE-2026-33552
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control...
CVE-2026-42797
Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which allows any administrator with sufficient entitlements for User read to access User-related...
Northern.tech Mender Enterprise Server 安全漏洞
Northern.tech Mender Enterprise Server is an enterprise-level device remote update and management platform developed by Northern.tech Corporation. Versions of Northern.tech Mender Enterprise Server prior to version 4.1.1 contained security vulnerabilities, which were caused by improper access...
CVE-2026-49009
Northern.tech Mender Server suffers a Directory Traversal vulnerability (CVE-2026-49009) affecting v4.0.1 and earlier and v4.1.0 and earlier. The issue is resolved in v4.0.2 and v4.1.1. Public sources describe it as an input sanitization/access control problem that enables traversal outside inten...
PT-2026-44081
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal...
CVE-2026-49009
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal...
CVE-2026-33552
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control...
CVE-2026-42782
Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...
EUVD-2026-31696
Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. This issue affects...
PT-2026-43078
Name of the Vulnerable Software and Affected Versions Apache Syncope versions 3.0 through 3.0.16 Apache Syncope versions 4.0 through 4.0.5 Apache Syncope version 4.1.0 Description Improper Isolation or Compartmentalization allows an administrator with sufficient entitlements for Implementations t...
CVE-2026-1726
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...
EUVD-2026-25127
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...
PT-2026-34578
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...
CVE-2026-35050 text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml".
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extention settings in "py" format and in the app root directory. This allows to overwrite python files, for instance the "download-model.py" file could be overwritten. Then, thi...