48 matches found

CNNVD
added 2026/05/15 12:0 a.m. | 5 views

Open WebUI Security Vulnerability

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the model combination feature: the access control pipeline only verified users’ access...

CVSS 7.6 | AI score 5.9 | EPSS 0.00045
Exploits: 1 | References: 1

CVE
added 2026/05/12 7:53 p.m. | 7 views

CVE-2026-44221

ArcadeDB prior to version 2.6.4 (also referenced as 26.4.2 in some advisories) contains a cross-database authorization bypass. Two defects enable authenticated principals to bypass both record-level and database-level controls: (1) ServerSecurityUser.getDatabaseUser() returns a DB user with an un...

CVSS 9 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 2

CNNVD
added 2026/05/06 12:0 a.m. | 5 views

OpenClaw Security Vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities were caused by insufficient routing access control in the Nostr plugin’s HTTP configuration file, which might allow...

CVSS 6.5 | AI score 5.8 | EPSS 0.00029
Exploits: 0 | References: 1

Redos
added 2026/01/29 12:0 a.m. | 4 views

ROS-20260129-73-0033

A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 | AI score 5.9 | EPSS 0.00061
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-7410

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.00128
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2013-4815

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.0025
Exploits: 0 | References: 3

Redos
added 2025/10/02 12:0 a.m. | 2 views

ROS-20251002-03

A vulnerability in Microsoft's .NET software platform is related to the closing of the HTTP/3 stream while writing code for an application, resulting in a race condition in response. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive informatio...

CVSS 8.8 | AI score 7.3 | EPSS 0.00324
Exploits: 0

Redos
added 2025/09/12 12:0 a.m. | 1 view

ROS-20250912-15

A vulnerability in the Apache Tomcat application server is related to access differentiation flaws. Exploitation of the vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's account...

CVSS 6.5 | AI score 6.7 | EPSS 0.00019
Exploits: 0

NCSC
added 2025/09/04 8:15 a.m. | 17 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung Mobile in Samsung Mobile. The vulnerabilities in the Android kernel include a race condition between functions that manage CPU timers, which can lead to system instability. In addition,...

CVSS 9.8 | AI score 7.8 | EPSS 0.00454
Exploits: 14 | References: 2

Tenable Nessus
added 2024/11/05 12:0 a.m. | 8 views

RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2017:2677)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2677 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstre...

CVSS 9.8 | AI score 7.3 | EPSS 0.33122
Exploits: 0 | References: 12

OSV
added 2024/09/04 3:42 p.m. | 3 views

DRUPAL-CONTRIB-2024-036

This module enables field collections to be displayed as tables. It supports display suite and field permissions and provides operations modify, delete, duplicate. This module has multiple vulnerabilities due to the requirements on the routes it provides not being restrictive enough. Information...

CVSS 6.3 | AI score 6.8 | EPSS 0.00124
Exploits: 0 | References: 1

Tenable Nessus
added 2024/03/20 12:0 a.m. | 40 views

Ubuntu 22.04 LTS / 23.10 : Linux kernel (AWS) vulnerabilities (USN-6680-3)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6680-3 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...

CVSS 8.8 | AI score 7.5 | EPSS 0.00662
Exploits: 3 | References: 8

BDU FSTEC
added 2023/12/14 12:0 a.m. | 2 views

A vulnerability in the firmware of the Ubiquiti Networks UniFi Dream Machine Pro, related to deficiencies in access control, allows intruders to circumvent domain restrictions.

The vulnerability in the firmware of the Ubiquiti Networks UniFi Dream Machine Pro relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass domain restrictions using specially created packages...

CVSS 10 | EPSS 0.00232
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2023/09/29 6:3 a.m. | 5 views

SUSE-SU-2023:3892-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005990 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex...

CVSS 7.8 | AI score 7.6 | EPSS 0.00254
Exploits: 3 | References: 13

OSV
added 2023/09/27 8:33 p.m. | 6 views

SUSE-SU-2023:3846-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcinde...

CVSS 7.8 | AI score 7.5 | EPSS 0.00254
Exploits: 3 | References: 11

OSV
added 2023/09/25 10:4 p.m. | 8 views

SUSE-SU-2023:3768-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197126 fixes several issues. The following security issues were fixed: - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex bsc1210619. - CVE-2023-3776: Fixed improper refcount update in clsfw leads to...

CVSS 7.8 | AI score 8.3 | EPSS 0.00254
Exploits: 2 | References: 9

OSV
added 2023/09/18 8:4 a.m. | 9 views

SUSE-SU-2023:3629-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122147 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could allow ...

CVSS 7.8 | AI score 8 | EPSS 0.00221
Exploits: 3 | References: 11

OSV
added 2023/09/15 10:4 a.m. | 6 views

SUSE-SU-2023:3612-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024126 fixes several issues. The following security issues were fixed: - CVE-2023-32233: Fixed a use-after-free in Netfilter nftables when processing batch requests bsc1211187. - CVE-2023-3567: Fixed a use-after-free in vcsread in...

CVSS 7.8 | AI score 8 | EPSS 0.00906
Exploits: 10 | References: 13

BDU FSTEC
added 2023/09/07 12:0 a.m. | 1 view

The vulnerability of operating systems such as watchOS, iOS, iPadOS, and macOS, related to deficiencies in access control, allows attackers to gain access to limited functions.

The vulnerabilities of operating systems such as watchOS, iOS, iPadOS, and macOS are related to deficiencies in access control. Exploiting these vulnerabilities can allow attackers to gain access to limited functions...

CVSS 5.5 | EPSS 0.00033
Exploits: 0 | References: 6 | Affected Software: 4

BDU FSTEC
added 2023/07/26 12:0 a.m. | 1 view

A vulnerability in the Connected User Experiences and Telemetry operating system service allows attackers to elevate their privileges.

The vulnerability in the Connected User Experiences and Telemetry service in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to elevate their privileges...

CVSS 7.8 | EPSS 0.00132
Exploits: 0 | References: 2