
402 matches found

ATTACKERKB
added 2026/05/15 2:45 a.m. | 2 views

CVE-2025-54511

Improper handling of insufficient privileges in the AMD Secure Processor (ASP) could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity or availability...

CVSS 5.3 | AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 2
CNNVD
added 2026/05/13 12:0 a.m. | 4 views

VMware ESXi Security Vulnerability

VMware ESXi is a server virtualization platform developed by the American company VMware, which can be directly installed on physical servers. VMware ESXi has a security vulnerability that stems from unreliable pointer dereferencing. This vulnerability could allow attackers to access kernel memor...

CVSS 7.2 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/12 12:0 a.m. | 4 views

PT-2026-39921

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA SAP Enterprise Search for ABAP (affected versions not specified). Description: An authenticated attacker can inject malicious SQL statements through user-controlled input. The application directly concatenates this input into SQL queri...

CVSS 9.6 | AI score 5.9 | EPSS 0.00015
Exploits: 0 | References: 20
EUVD
added 2026/04/14 12:8 a.m. | 0 views

EUVD-2026-22154

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

CVSS 9.9 | AI score 5.9 | EPSS 0.00061
Exploits: 0 | References: 2
Veracode
added 2026/04/07 4:11 p.m. | 1 views

Improper Link Resolution

kubevirt.io/kubevirt is vulnerable to improper link resolution. The vulnerability is due to lack of verification of whether the launcher-sock is a symlink or regular file, which allows an attacker with control over the virt-launcher pod file system to manipulate file ownership on the host and...

CVSS 5 | AI score 6 | EPSS 0.00032
Exploits: 1 | References: 4 | Affected Software: 1
Rosalinux
added 2026/03/22 6:31 p.m. | 3 views

Advisory ROSA-SA-2026-3217

software: runc 1.3.4; OS: ROSA-CHROME; unaffected versions = runc-1.3.4-1; affected versions runc-1.3.4-1; CVE-ID: CVE-2024-45310; BDU-ID: 2024-06891; CVE-Crit: LOW; CVE-DESC.: A vulnerability in the Runc isolated container tool is associated with a race condition that allows link tracking. Exploitation...

CVSS 8.4 | AI score 6.8 | EPSS 0.0015
Exploits: 4
Redos
added 2026/03/17 12:0 a.m. | 3 views

ROS-20260317-73-0031

A vulnerability in the cloneprivatemnt function of the Linux kernel is related to insecure privilege management. Exploitation of the vulnerability allows an intruder to affect the integrity and availability of protected information...

CVSS 5.5 | AI score 5.8 | EPSS 0.00026
Exploits: 0
CNVD
added 2026/03/17 12:0 a.m. | 1 views

Adobe Commerce License Issues Vulnerability (CNVD-2026-15168)

Adobe Commerce is a global-leading digital commerce solution for businesses and brands from the US company Adobe. Adobe Commerce has an authorization issue vulnerability that could be exploited by an attacker to bypass security measures and have a limited impact on...

CVSS 4.7 | AI score 5.9 | EPSS 0.00086
Exploits: 0 | References: 1
OSV
added 2026/03/11 3:15 a.m. | 0 views

CVE-2026-21359

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited...

CVSS 4.7 | AI score 5.8
Exploits: 0 | References: 1
Positive Technologies
added 2026/03/11 12:0 a.m. | 1 views

PT-2026-24565

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have limited...

CVSS 4.7 | AI score 5.8 | EPSS 0.00086
Exploits: 0 | References: 2
CNNVD
added 2026/03/11 12:0 a.m. | 2 views

Adobe Commerce Security Vulnerability

Adobe Commerce is a global-leading digital commerce solution for businesses and brands from the US company Adobe. Adobe Commerce has an authorization issue vulnerability that could be exploited by an attacker to bypass security measures and have a limited impact on...

CVSS 4.7 | AI score 5.8 | EPSS 0.00086
Exploits: 0 | References: 1
EUVD
added 2026/03/10 6:31 p.m. | 1 views

EUVD-2026-10456

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...

CVSS 9.1 | AI score 5.8 | EPSS 0.00066
Exploits: 0 | References: 3
RedhatCVE
added 2026/02/24 6:57 a.m. | 4 views

CVE-2025-67733

A flaw was found in Valkey, a distributed key-value database. A malicious user can exploit this vulnerability by using scripting commands to inject arbitrary information into the response stream. This is caused by improper handling of null characters in the error handling code for Lua scripts...

CVSS 8.5 | AI score 5.5 | EPSS 0.00023
Exploits: 0 | References: 4
CVE
added 2026/02/12 5:45 p.m. | 8 views

CVE-2023-31323

CVE-2023-31323 affects the AMD Secure Processor (ASP) with a Type confusion in the External Global Memory Interconnect Trusted Agent (XGMI TA). The issue can allow a malformed argument to be passed to XGMI TA, causing a memory safety violation and potential loss of confidentiality, integrity, or ...

CVSS 8.4 | AI score 5.5 | EPSS 0.00021
Exploits: 0 | References: 1
Redos
added 2026/02/09 12:0 a.m. | 4 views

ROS-20260209-73-0017

PowerDNS Recursor DNS server vulnerability is related to failure to take measures to neutralize special elements in the output data. Exploitation of the vulnerability could allow a remote attacker to affect the integrity and availability of protected information...

CVSS 8.2 | AI score 5.7 | EPSS 0.00007
Exploits: 0
Redos
added 2026/02/09 12:0 a.m. | 3 views

ROS-20260209-73-0018

PowerDNS Recursor DNS server vulnerability is related to failure to take measures to neutralize special elements in the output data. Exploitation of the vulnerability could allow a remote attacker to affect the integrity and availability of protected information...

CVSS 8.2 | AI score 5.7 | EPSS 0.00007
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 4 views

ROS-20260129-73-0079

A vulnerability in the SSH server of the crypto library for the Go programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

CVSS 5.3 | AI score 5.9 | EPSS 0.00046
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 3 views

ROS-20260129-73-0077

A vulnerability in the SSH server of the crypto library for the Go programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

CVSS 5.3 | AI score 5.9 | EPSS 0.00046
Exploits: 0
Cvelist
added 2026/01/13 1:14 a.m. | 24 views

CVE-2026-0501 SQL Injection Vulnerability in SAP S/4HANA Private Cloud and On-Premise (Financials - General Ledger)

Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise Financials General Ledger, an authenticated user could execute crafted SQL queries to read, modify, and delete backend database data. This leads to a high impact on the confidentiality, integrity, and availability of...

CVSS 9.9 | EPSS 0.00092
Exploits: 0 | References: 2
Redos
added 2026/01/13 12:0 a.m. | 4 views

ROS-20260113-7352

A vulnerability in the decrypt_raw_data function in the fs/smb/client/smb2ops.c module of the SMB subsystem of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

CVSS 7.8 | AI score 6.5 | EPSS 0.00019
Exploits: 0