5058 matches found
EUVD-2026-9330
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
CVE-2026-0869
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
CVE-2026-0869
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
EUVD-2026-9312
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
CVE-2026-0869 Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
CVE-2026-0869
CVE-2026-0869 describes an authentication bypass in Brocade ASCG 3.4.0, enabling an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration. The vulnerability could also disable the ASCG application or disable BSL data collection on fabric sw...
Brocade ASCG 安全漏洞
Brocade ASCG is a network feature offered by the American company Brocade. It is primarily used to simplify SAN architectures and optimize resource utilization. Version 3.4.0 of Brocade ASCG contains a security vulnerability. This vulnerability stems from an authentication bypass mechanism, which...
PT-2026-22802
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0 (CVE-2026-0869)
Application User accounts with Brocade ASCG application privileges created by the administrator are not properly being password enforced. Any other user that learns of the assigned user name can access the custom created application manager account and gain access to the Brocade ASCG application...
PT-2026-22838
Name of the Vulnerable Software and Affected Versions GLPI Inventory Plugin versions prior to 1.6.6 Description The GLPI Inventory Plugin manages network discovery, inventory, software deployment, and data collection for GLPI agents. A reflected cross-site scripting XSS issue exists in task jobs...
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
Samsung has settled a lawsuit with the Texas Attorney General over how its smart TVs collect and monetize viewing data using Automated Content Recognition ACR. As part of the settlement, Samsung agreed to stop collecting ACR data from Texans without explicit, informed consent and to rewrite its...
firefox: thunderbird: Use-after-free in the JavaScript: GC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...
MAL-2026-1090 Malicious code in isb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 93750cbddba7897fde1d31836971e11082ad2076012c7caf708980de45827840 Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
CVE-2026-28354
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...
CVE-2026-28354
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...
CVE-2026-28354 ClipBucket v5 has IDOR in Collection Item Management
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...
CVE-2026-28354
ClipBucket v5 contains an authorization flaw (IDOR) in collection item management prior to 5.5.3 #59. An authenticated user can modify items in another user’s collection via add_to_collection.php (missing authorization) and removeItemFromCollection() via manage_collections.php?mode=manage_items… ...
CVE-2026-28354 ClipBucket v5 has IDOR in Collection Item Management
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...
CVE-2026-28354
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...
EUVD-2026-9062
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...