TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. An input validation error vulnerability exists in TeamViewer DEX Client versions prior to 26.1, which stems from a lack of validation of user control values in Content Distribution...

Hitachi SuprOS security vulnerabilities

Hitachi SuprOS is a centralized management system for power distribution automation and communication devices developed by Hitachi, a Japanese company. Hitachi SuprOS has a security vulnerability, which stems from the presence of default credentials. This vulnerability could allow authenticated...

Moderate: Red Hat Security Advisory: multicluster engine for Kubernetes v2.10.1 security update

The multicluster engine for Kubernetes 2.10 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.10 images The multicluster engine for Kubernetes provides the foundational components that a...

[SECURITY] [DSA 6110-1] openjdk-17 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6110-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 25, 2026 https://www.debian.org/security/faq -...

Azure Linux 3.0 Security Update: samba (CVE-2022-2031)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2031 advisory. - A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single...

Vulnerability fixed in GNU Inetutils telnetd

Security researchers have found a a vulnerability in Inetutils telnetd version 2.7. This vulnerability has been present since version 1.9.3 that came out in 2015, according to the researchers. The vulnerability is in the way the telnetd service handles the USER environment variable. By setting th...

PT-2026-3648

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

MiracleLinux 9 : krb5-1.21.1-1.el9 (AXSA:2023-6633:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6633:07 advisory. krb5: Denial of service through freeing uninitialized pointer CVE-2023-36054 krb5: double-free in KDC TGS processing CVE-2023-39975 Tenable has...

Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware

Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets...

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a...

CVE-2026-0943 HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability

HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hbsrc.tar.gz in the source tarball, which is affected by CVE-2026-22693...

CVE-2026-23729

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...

CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...

CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=TipoSaidaControl...

CVE-2026-23727

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=TipoSaidaControl...

MiracleLinux 7 : docker-distribution-2.6.2-1.git48294d9.el7 (AXSA:2017-2274:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2274:01 advisory. It was found that docker-distribution did not properly restrict memory allocation size for a registry instance through the manifest endpoint. An attacker cou...

[SECURITY] [DSA 6099-1] python-parsl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6099-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2026 https://www.debian.org/security/faq -...

AmbShield: Enhancing Physical Layer Security with Ambient Backscatter Devices against Eavesdroppers

Passive eavesdropping compromises confidentiality in wireless networks, especially in resource-constrained environments where heavyweight cryptography is impractical. Physical layer security PLS exploits channel randomness and spatial selectivity to confine information to an intended receiver wit...

MiracleLinux 3 : krb5-1.6.1-70.AXS3 (AXSA:2012-256:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-256:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

MiracleLinux 4 : krb5-1.8.2-3.AXS4.6 (AXSA:2011-125:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-125:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...