CVE-2026-8260

Technical details about CVE-2026-8260 are not publicly available in the provided documents. Monitor for updates from official advisories. The initial description states the vulnerability exists in D-Link DCS-935L HNAP service SetDeviceSettings buffer overflow.

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8260-1)

"The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8260-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properl...

CVE-2026-8260

creationtimestamp| type| source ---|---|--- 2026-05-10 15:29:09+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116550988543376529 2026-05-11 01:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlk4sl6tqq22 2026-05-11 01:30:30+00:00| seen|...

CVE-2025-8260

A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgridserver.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out...

CVE-2025-8260

A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgridserver.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out...

CVE-2025-8260

CVE-2025-8260 affects Vaelsys 4.1.0, specifically code in /grid/vgrid_server.php of the MD4 Hash Handler. Manipulating the argument xajaxargs leads to use of a weak hash. The vulnerability is exploitable remotely with network access; attack complexity is described as high, and exploitation is con...

CLSA-2024-1734532539 Fix CVE(s): CVE-2022-38076

CVE-2022-38076 - linux-firmware: Update for Intel Dual Band Wireless AC 3168 - linux-firmware: Upadte for Intel Wireless 7265 Rev D Family - linux-firmware: Update for Intel Dual Band Wireless AC 3165 - linux-firmware: Update for Intel Dual Band Wireless AC 8265 - linux-firmware: Update for Intel...

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...

CVE-2024-8260

creationtimestamp| type| source ---|---|--- 2024-08-30 15:39:09+00:00| seen| https://t.me/cvedetector/4519 2024-10-22 17:01:42+00:00| seen| https://t.me/thehackernews/5770...

CVE-2024-8260 vulnerabilities

Vulnerabilities for packages: datadog-agent, k8sgpt, zot, cosign, kots, kubescape, snyk-cli, spire-server, opa, policy-controller, tfsec, conftest, zarf...

CVE-2024-8260 OPA SMB Force-Authentication

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...

Mageia: Security Advisory (MGASA-2018-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploitation of Pulse Connect Secure Vulnerabilities

Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...

Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw

Pulse Secure has shipped a fix for a critical post-authentication remote code execution RCE vulnerability in its Connect Secure virtual private network VPN appliances to address an incomplete patch for an actively exploited flaw it previously resolved in October 2020. "The Pulse Connect Secure...

Take action! Multiple Pulse Secure VPN vulnerabilities exploited in the wild

Pulse Secure has alerted customers to the existence of an exploitable chain of attack against its Pulse Connect Secure PCS appliances. PCS provides Virtual Private Network VPN facilities to businesses, which use them to prevent unauthorized access to their networks and services. Cybersecurity...

Pulse Secure VPN gzip RCE

The Pulse Connect Secure appliance before 9.1R9 suffers from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in Remote Code Execution as root. Admin credentials are required for successful exploitation. Of note, MANY binaries are not ...

Pulse Secure VPN Remote Code Execution Exploit

The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation...

CVE-2020-8260

creationtimestamp| type| source ---|---|--- 2020-12-17 22:50:44+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pulsesecuregziprce.rb 2021-04-16 11:17:08+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/194 2021-04-21...

Pulse Policy Secure < 9.1R9 (SA44601)

According to its self-reported version, the version of Pulse Policy Secure running on the remote host is prior to 9.1R9. It is, therefore, affected by the following vulnerabilities: - A vulnerability in the Pulse Connect Secure 9.1R9 admin web interface could allow an authenticated attacker to...

CVE-2020-8260

Pulse Connect Secure (PCS) vulnerable