Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

Barco/AWIND OEM Presentation Platform - Remote Command Injection

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pr...

OPENSUSE-SU-2026:10971-1 prometheus-blackbox_exporter-0.26.0-6.1 on GA media

These are all security issues fixed in the prometheus-blackboxexporter-0.26.0-6.1 package on the GA media of openSUSE Tumbleweed...

GHSA-W2Q5-6Q6X-X959 vulnerabilities

Vulnerabilities for packages: hcloud, tofu-controller-fips, virt-handler-fips, stern, yunikorn-k8shim, aws-ebs-csi-driver-fips, k3s, velero-plugin-for-gcp, harbor-cli, local-path-provisioner, databricks-cli, gitlab-operator-fips, terragrunt, kube-rbac-proxy, net-kourier-fips, sqlexporter,...

Astra Linux – Vulnerability in libqb

In logblackbox.c in libqb before version 2.0.8, a buffer overflow can occur due to the use of long log messages, as the size of the log headers is not taken into consideration...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: trivy, custom-pod-autoscaler, swagger, aws-network-policy-agent, gitness, go-licenses, cilium-certgen, opa-envoy, omnibump, podman, speedtest-go, cri-tools, nri-elasticsearch, timoni, cloudnative-pg, bank-vaults, newrelic-infra-operator, incert, extism, step-ca, nova...

CVE-2026-32283 vulnerabilities

Vulnerabilities for packages: trivy, custom-pod-autoscaler, swagger, aws-network-policy-agent, gitness, go-licenses, cilium-certgen, opa-envoy, omnibump, podman, speedtest-go, cri-tools, nri-elasticsearch, timoni, cloudnative-pg, bank-vaults, newrelic-infra-operator, incert, extism, step-ca, nova...

Pensar Apex AI-Powered Penetration Testing

Pensar Apex is an AI-powered penetration testing using autonomous agents - directly in your terminal. Run blackbox and whitebox pentests that explore, reason, and surface real vulnerabilities...

CLEANSTART-2026-YM28538 Prometheus Blackbox Exporter through 0

Multiple security vulnerabilities affect the prometheus-blackbox-exporter package. Prometheus Blackbox Exporter through 0. See references for individual vulnerability details...

CLEANSTART-2026-ZL24388 Prometheus Blackbox Exporter through 0

Multiple security vulnerabilities affect the prometheus-blackbox-exporter package. Prometheus Blackbox Exporter through 0. See references for individual vulnerability details...

The Trojan Example: Jailbreaking LLMs through Template Filling and Unsafety Reasoning

Large Language Models LLMs have advanced rapidly and now encode extensive world knowledge. Despite safety fine-tuning, however, they remain susceptible to adversarial prompts that elicit harmful content. Existing jailbreak techniques fall into two categories: white-box methods e.g., gradient-base...

Linux Distros Unpatched Vulnerability : CVE-2023-26735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blackboxexporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports...

Linux Distros Unpatched Vulnerability : CVE-2020-16248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both...

SUSE SLES15 / openSUSE 15 Security Update : Multi-Linux Manager Client Tools (SUSE-SU-2025:01989-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01989-1 advisory. golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 fo...

prometheus-blackbox_exporter-0.24.0-3.1 on GA media (moderate)

prometheus-blackboxexporter-0.24.0-3.1 on GA media Announcement ID: openSUSE-SU-2025:15162-1 Rating: moderate Cross-References: CVE-2023-45288 CVE-2025-22870 CVSS scores: CVE-2023-45288 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2023-45288 SUSE : 6.9...

OPENSUSE-SU-2025:15162-1 prometheus-blackbox_exporter-0.24.0-3.1 on GA media

These are all security issues fixed in the prometheus-blackboxexporter-0.24.0-3.1 package on the GA media of openSUSE Tumbleweed...

CVE-2024-48139

A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

CVE-2020-16248

Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability...

Provable Secure Steganography Based on Adaptive Dynamic Sampling

The security of private communication is increasingly at risk due to widespread surveillance. Steganography, a technique for embedding secret messages within innocuous carriers, enables covert communication over monitored channels. Provably Secure Steganography PSS is state of the art for making...

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

...