Lucene search

426 matches found

Positive Technologies
added 2026/04/21 12:0 a.m. | 2 views

PT-2026-34042

Name of the Vulnerable Software and Affected Versions Spring Spring Security versions 6.4.0 through 6.4.15 Spring Spring Security versions 6.5.0 through 6.5.9 Spring Spring Security versions 7.0.0 through 7.0.4 Description Applications that explicitly configure One-Time Token login using...

CVSS 4.8 | AI score 5.8 | EPSS 0.00048
Exploits: 0 | References: 5
EUVD
added 2026/04/14 6:30 p.m. | 0 views

EUVD-2025-209450

A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiOS 6.2.9 through 6.2.17 allows attacker to execute unauthorized code or...

CVSS 6.5 | AI score 6 | EPSS 0.00052
Exploits: 0 | References: 2
OSV
added 2026/04/09 1:21 p.m. | 1 views

SUSE-SU-2026:21059-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

CVSS 7.8 | AI score 5.8 | EPSS 0.00063
Exploits: 0 | References: 17
CBLMariner
added 2026/04/06 11:43 p.m. | 1 views

CVE-2025-6141 affecting package ncurses for versions less than 6.4-3

CVE-2025-6141 affecting package ncurses for versions less than 6.4-3. An upgraded version of the package is available that resolves this issue...

CVSS 4.8 | AI score 5.8 | EPSS 0.00077
Exploits: 0
IBM Security Bulletins
added 2026/03/19 8:48 p.m. | 4 views

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2025 - Includes Oracle April 2024 CPU plus CVE-2025-4447

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

CVSS 7.8 | AI score 7.5 | EPSS 0.00234
Exploits: 0 | Affected Software: 3
Debian CVE
added 2026/03/19 12:0 a.m. | 2 views

CVE-2025-69720

The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyzestring in progs/infocmp.c...

CVSS 9.8 | AI score 5.6 | EPSS 0.00013
Exploits: 1
EUVD
added 2026/03/10 6:31 p.m. | 0 views

EUVD-2025-208493

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is...

CVSS 8.1 | AI score 5.9 | EPSS 0.00061
Exploits: 0 | References: 2
CVE
added 2026/03/10 4:44 p.m. | 11 views

CVE-2025-54820

Fortinet FortiManager contains a Stack-based Buffer Overflow (CWE-121) affecting FortiManager 7.4.0–7.4.2, 7.2.0–7.2.10, and all 6.4 versions. An unauthenticated remote attacker could craft requests to execute unauthorized commands if the service is enabled. The flaw is related to bypassing stack...

CVSS 8.1 | AI score 5.9 | EPSS 0.00061
Exploits: 0 | References: 1 | Affected Software: 1
IBM Security Bulletins
added 2026/03/05 7:53 a.m. | 8 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in log4j-core (CVE-2025-68161)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-68161 of log4j-core-2.17.1.jar. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

CVSS 6.3 | AI score 5.9 | EPSS 0.00029
Exploits: 1 | Affected Software: 1
Tenable Nessus
added 2026/03/05 12:0 a.m. | 2 views

SUSE SLES15 Security Update : kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0748-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0748-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes one security issue The following security issue was fixed: - CVE-2025-38129:...

CVSS 7.8 | AI score 6 | EPSS 0.00063
Exploits: 0 | References: 4
vulnersOsv
added 2026/03/03 5:59 p.m. | 1 views

aratinga (>=0.1.0a0.dev0 <=0.1.0a0.dev2), cjkcms-cache (=2.3.2) +24 more potentially affected by CVE-2026-28223 via wagtail (>=6.4.0 <=7.0.0)

wagtail PYPI version =6.4.0, =0.1.0a0.dev0, =4.0.0, =5.2.0, =2.0.2, =0.1.1771543667, =0.6.0, =0.0.1, =0.0.1, =0.0.1, =2.4.0, =0.0.1, =0.0.2 and more Source cves: CVE-2026-28223 Source advisory: OSV:GHSA-P4V8-RW59-93CQ...

CVSS 6.1 | AI score 5.8 | EPSS 0.00044
Exploits: 0
vulnersOsv
added 2026/03/03 12:35 p.m. | 4 views

org.glassfish.mq:mq-client (>=6.4.0 <=6.9.0), org.glassfish.mq:mq-cluster (>=6.4.0 <=6.9.0) +12 more potentially affected by CVE-2026-22886 via org.glassfish.mq:mqbroker-core (>=6.4.0 <=6.9.0)

org.glassfish.mq:mqbroker-core MAVEN version =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.9.0 Source cves: CVE-2026-22886 Source advisory: SNYK:JAVA-ORGGLASSFISHMQ-15444256...

CVSS 9.8 | AI score 5.8 | EPSS 0.00266
Exploits: 0
RedhatCVE
added 2026/02/11 7:44 p.m. | 2 views

CVE-2026-21743

A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotecte...

CVSS 7.2 | AI score 5.5 | EPSS 0.00022
Exploits: 0 | References: 1
OSV
added 2026/01/13 5:15 p.m. | 0 views

CVE-2025-25249

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4 all versions, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to...

CVSS 9.8 | AI score 6.2
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 10:13 a.m. | 3 views

CVE-2019-2831

Vulnerability in the PeopleSoft Enterprise FIN Project Costing component of Oracle PeopleSoft Products subcomponent: Projects. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

CVSS 6.4 | AI score 6.3 | EPSS 0.00289
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/07 9:43 a.m. | 7 views

CVE-1999-0313

diskbandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames...

CVSS 7.2 | AI score 7 | EPSS 0.00061
Exploits: 0 | References: 1
CVE
added 2026/01/01 10:32 p.m. | 5 views

CVE-2025-15416

CVE-2025-15416 affects xnx3 wangmarket up to 6.4. The vulnerability exists in the file /siteVar/save.do within the Add Global Variable Handler. Manipulating the Remark/Variable Value parameter can trigger a cross-site scripting (XSS) flaw that can be exploited remotely; the exploit has been publi...

CVSS 5.4 | AI score 3.3 | EPSS 0.00019
Exploits: 1 | References: 4 | Affected Software: 1
OpenVAS
added 2025/12/11 12:0 a.m. | 1 views

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-2531)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1 | AI score 6.7 | EPSS 0.06086
Exploits: 2 | References: 2
Vulnrichment
added 2025/12/09 5:18 p.m. | 1 views

CVE-2025-64156

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7, FortiVoice 6.4 all versions, FortiVoice 6.0 all versions may allow an authenticated privileged attacker to execute...

CVSS 7.2 | AI score 7.1 | EPSS 0.00043
Exploits: 0 | References: 1
CVE
added 2025/11/18 5:1 p.m. | 29 views

CVE-2025-53843

CVE-2025-53843 describes a stack-based buffer overflow in Fortinet FortiOS that affects FortiOS 6.4 and 7.x series (notably 7.6.0–7.6.3, 7.4.0–7.4.8, and all 7.2/7.0). The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted packets, with network access ...

CVSS 7.5 | AI score 7.3 | EPSS 0.00008
Exploits: 0 | References: 1 | Affected Software: 1