711 matches found
Huawei HarmonyOS Certificate Management Module Data Handling Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...
CVE-2025-12576
GitLab CE/EE is affected in versions prior to 18.7.6, 18.8.6 (for 18.8 line), and 18.9.2 (for 18.9 line) where an authenticated user could cause a denial of service due to improper handling of webhook response data. Affected components are the webhook handling flow; the root cause is improper pro...
CVE-2025-12576 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain conditions could have allowed an authenticated user to cause a denial of service due to improper handling of webhook response data...
PT-2026-24705
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that under certain conditions could have allowed an authenticated user to cause a denial of service due to improper handling of webhook response data...
CVE-2025-20005
CVE-2025-20005 : Improper buffer restrictions in some Intel reference-platform UEFI firmware may allow a local-privilege-escalation by a privileged system software adversary. The described attack requires a high-complexity, local attacker with no user interaction and does not rely on remote acces...
MiracleLinux 8 : fence-agents-4.2.1-129.el8_10.24 (AXBA:2026-269:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2026-269:05 advisory. - urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...
TencentOS Server 4: edk2 (TSSA-2026:0116)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0116 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
EUVD-2026-8929
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions 5.0.0.5 to 7.0.3.4 of OpenEMR contain security...
Exploit for Deserialization of Untrusted Data in Microsoft
WSUS Security Research Toolkit - Installation Guide System...
Important: Red Hat Security Advisory: python-urllib3 security update
An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
RHEL 8 : python-urllib3 (RHSA-2026:2717)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2717 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Hand over the keys for Shannon’s shenanigans
Welcome to this week's edition of the Threat Source newsletter. Last week, yet another security AI tool made the rounds on social media: Shannon, a fully autonomous AI penetration testing tool created by Keygraph. It "autonomously hunts for attack vectors in your code, then uses its built-in...
python3.12-urllib3 security update
An update is available for python3.12-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...
RHEL 9 : python3.12-urllib3 (RHSA-2026:1957)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:1957 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
CVE-2025-29946
Technical details about CVE-2025-29946 (affected product/component/versions/root cause/patch) are not publicly provided in the supplied documents. Monitor for updates from vendors (AMD, OSV, Red Hat, Ubuntu, etc.) before assessing risk or remediation.
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP CRM, SAP S/4HANA, SAP NetWeaver Application Server ABAP, SAP Supply Chain Management, SAP BusinessObjects BI Platform, SAP Document Management System, SAP Commerce Cloud, and SAP Business Workflow. The vulnerabilities include code...
ROS-20260209-73-0025
Vulnerability in python-urllib3 related to incorrect handling of highly compressed input data. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer overflow vulnerability that stems from the HDC module failing to properly validate the length and size of input data,...