Portainer 路径遍历漏洞

Portainer is a lightweight user management interface developed by Portainer for managing Docker environments and Docker hosts. In versions 2.33.0 to 2.33.8 of the Portainer Community Edition, there was a path traversal vulnerability. This vulnerability stemmed from the tar.gz decompression...

CVE-2026-6713

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauthorized user to enumerate private projects due to incorrect authorization checks...

UBUNTU-CVE-2026-1402

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

UBUNTU-CVE-2026-6713

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an unauthorized user to enumerate private projects due to incorrect authorization checks...

EUVD-2026-32622

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

SUSE CVE-2024-12289

Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...

PT-2026-44066

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 17.1 through 18.10.6 GitLab CE/EE versions 18.11 through 18.11.3 GitLab CE/EE versions 19.0 through 19.0.0 Description An issue exists where an authenticated user can cause a denial of service due to insufficient validati...

PT-2026-44222

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.9 through 18.10.6 GitLab CE/EE versions 18.11 through 18.11.3 GitLab CE/EE versions 19.0 through 19.0.0 Description An authorization enforcement error allows a blocked Project Access Token to maintain access to private...

Linux Distros Unpatched Vulnerability : CVE-2026-48696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689. CVE-2026-48696 Note that...

Linux Distros Unpatched Vulnerability : CVE-2026-48691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the...

Linux Distros Unpatched Vulnerability : CVE-2026-48687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in...

CVE-2026-48696

FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689...

DEBIAN-CVE-2026-48696

FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689...

CVE-2026-48696

FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689...

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

CVE-2026-48693

FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...

CVE-2026-48696

Technical details about CVE-2026-48696 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories; no affected products, vectors, or remediation are specified here.

PT-2026-43354

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.3.0 Description A configuration injection issue exists in the Juniper router integration plugin. In the file src/juniper plugin/fastnetmon juniper.php, the variable IP ATTACK received from argv1...

CVE-2026-48690

FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packetstorage.hpp, the allocatebuffer function computes memorysizeinbytes as 'buffersizeinpackets maxcapturedpacketsize + sizeoffastnetmonpcappkthdrt +...

PT-2026-43270

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An out-of-bounds read exists in the NetFlow v9 data flowset processor within the src/netflow plugin/netflow v9 collector.cpp file. The Data template branch iterates over flow...