70 matches found
Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016595 advisory. The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service. Tenable has extracted the precedin...
Astra Linux - vulnerability in bind9
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...
Dell PowerScale OneFS 9.5.x < 9.10.1.7 / 9.11.x < 9.13.0.1 Information Disclosure (DSA-2026-125)
The version of Dell PowerScale OneFS running on the remote host is 9.5.x prior to 9.10.1.7 or 9.11.x prior to 9.13.0.1. It is, therefore, affected by a vulnerability: - A generation of error message containing sensitive information vulnerability allows a high privileged attacker with local access...
EUVD-2026-9398
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of...
pgAdmin security vulnerability
pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Version 9.11 of pgAdmin has a security vulnerability, which stems from a possible bypass of recovery restrictions, potentially leading to command execution...
[SECURITY] Fedora 43 Update: pgadmin4-9.11-1.fc43
pgAdmin is the most popular and feature rich Open Source administration and development platform for PostgreSQL, the most advanced Open Source database in the world...
EulerOS 2.0 SP10 : bind (EulerOS-SA-2025-2378)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
CVE-2025-40778 Cache poisoning attacks with unsolicited RRs
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through...
EUVD-2018-17513
Malware in sbrugna...
EUVD-2025-25413
Malicious code in bioql PyPI...
EUVD-2025-30247
Malicious code in bioql PyPI...
SUSE CVE-2025-9081
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...
CVE-2025-36601
Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information disclosure...
GHSA-F72G-52V7-MG3P Mattermost boards plugin fails to restrict download access to files
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate access controls which allows any authenticated user to download sensitive files via board file download endpoint using UUID enumeration...
CVE-2025-9081
CVE-2025-9081 affects Mattermost 9.11.x <= 9.11.17 and 10.5.x
Mattermost Fails to Sanitize Path Traversal Sequences
Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-53971 Channel and Team Membership APIs inadvertently allow loss of Member privileges.
Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the PUT /api/v4/teams/team-id/members/user-id/schemeRoles API endpoint...
Mattermost security vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 10.8.3 and prior to 10.8.x, 10.5.8 and prior to 10.5.x, 9.11.17 and prior to 9.11.x, 10.10.0 and prior to 10.10.x, and 10.9.3 and prior to 10.9.x,...
PT-2025-34201 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.8.x through 10.8.3 Mattermost versions 10.5.x through 10.5.8 Mattermost versions 9.11.x through 9.11.17 Mattermost versions 10.9.x through 10.9.2 Mattermost versions 10.10.x through 10.10.0 Description: The Mattermost...
Mattermost Server 9.11.x < 9.11.17 / 10.5.x < 10.5.8 (MMSA-2025-00474)
The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00474 advisory. - Mattermost versions 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to negotiate a new token when accepting the invite which allows a user that intercepts both invi...