Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and data deactivation. Vulnerabilities exist in versions 7.7.1.0 to 8.5 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.2...

Release Information for Veeam Backup for Microsoft 365 8.4

Requirements This release can be used to: upgrade an existing v7, v8, v8.1, v8.2, or v8.3 deployment of Veeam Backup for Microsoft 365 to v8.4. install a new deployment of Veeam Backup for Microsoft 365 v8.4. After installing this release, the Veeam Backup for Microsoft 365 build number will be...

openSUSE 16 Security Update : tigervnc (openSUSE-SU-2026:20465-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20465-1 advisory. - CVE-2026-34352: Fixed permissions to prevent other users from observing the screen, or modifying what is sent to the client. bsc1260871 Tenable has...

PT-2026-31095

Name of the Vulnerable Software and Affected Versions DSGVO Google Web Fonts GDPR plugin for WordPress versions up to and including 1.1 Description The DSGVO Google Web Fonts GDPR plugin for WordPress is susceptible to arbitrary file upload due to the absence of file type validation in the...

WordPress plugin DSGVO Google Web Fonts GDPR 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

PT-2026-30972

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES in ECB mode, which preserves block-aligned plaintext patterns in ciphertext and enables pattern disclosure against stored data. This vulnerability i...

Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection

A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...

Mbed TLS -- vulnerabilities

https://mbed-tls.readthedocs.io/en/latest/security-advisories/ reports: Client impersonation while resuming a TLS 1.3 session CVE-2026-34873 Entropy on Linux can fall back to /dev/urandom CVE-2026-34871 PSA random generator cloning CVE-2026-25835 Compiler-induced constant-time violations...

WordPress DSGVO snippet for Leaflet Map and its Extensions plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'unset' Attribute vulnerability discovered by zaim in WordPress Plugin DSGVO snippet for Leaflet Map and its Extensions versions = 3.1...

CVE-2026-4283

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

DEBIAN-CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

CVE-2026-33222

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, users with JetStream admin API access to restore one stream could restore to other stream names, impacting data which should have been protected against them...

WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.38 - Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users vulnerability

Missing Authorization to Unauthenticated Account Destruction of Non-Admin Users vulnerability discovered by shark3y in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.38...

Understanding Wiz’s Approach to Securing the AI Supply Chain

As organizations race to deploy AI, securing the rapidly expanding ecosystem of models, data, and dependencies has become a critical priority, much of which can be addressed by Wiz’s CNAPP solution...

EUVD-2026-14735

The WP DSGVO Tools GDPR plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the super-unsubscribe AJAX action accepting a processnow parameter from unauthenticated users, which bypasses the intended email-confirmation...

ROS-20260324-73-0010

A vulnerability in the f2fs component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

Introducing Wiz AI Application Protection Platform (AI-APP)

Secure every layer of AI applications — infrastructure, data, access, models, agents, and applications — from code to runtime, across every environment you build in...

Security Bulletin: IBM Guardium Data Protection is affected by MySQL Server July 2025 CPU vulnerabilities.

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only se...