CVE-2026-10584

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

CVE-2026-45745

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Starting in version 1.7.0, Termix Desktop Electron disables TLS certificate validation, allowing a machine-in-the-middle attacker to intercept and modify HTTPS traffic to the configured...

CVE-2026-47107

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

EUVD-2026-30958

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

PT-2026-41986

Name of the Vulnerable Software and Affected Versions Windmill versions prior to 1.703.2 Description Incorrect default permissions in nsjail sandbox configuration files allow the /etc directory to be bind-mounted without read-write restrictions. This enables authenticated users to write arbitrary...

EUVD-2020-17884

Malware in sbrugna...

Fortinet FortiNAC-F 信任管理问题漏洞

Fortinet FortiNAC-F is a set of network access control solutions from the American Fiat Fortinet. The product is mainly used for network access control and IoT security. Fortinet FortiNAC-F suffers from a trust management issue vulnerability that stems from improper certificate validation, which...

Hardcoded credentials

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection...

CVE-2020-36128

Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by a token spoofing vulnerability. Each payment terminal has a session token called X-Terminal-Token to access the marketplace. This allows the store to identify the terminal and make available the applications distributed by its...

SUSE: Security Advisory (SUSE-SU-2021:0241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : MozillaFirefox (openSUSE-2021-222)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment operator...

Updated thunderbird packages fix security vulnerabilities

Cross-origin information leakage via redirected PDF requests. CVE-2021-23953 Type confusion when using logical assignment operators in JavaScript switch statements. CVE-2021-23954 IMAP Response Injection when using STARTTLS. CVE-2020-15685 HTTPS pages could have been intercepted by a registered...

MGASA-2021-0066 Updated thunderbird packages fix security vulnerabilities

Cross-origin information leakage via redirected PDF requests. CVE-2021-23953 Type confusion when using logical assignment operators in JavaScript switch statements. CVE-2021-23954 IMAP Response Injection when using STARTTLS. CVE-2020-15685 HTTPS pages could have been intercepted by a registered...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0259-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment operators ...

OPENSUSE-SU-2021:0223-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests CVE-2021-23954: Fixed a type confusion when using logical assignment operators in...

OPENSUSE-SU-2021:0222-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests CVE-2021-23954: Fixed a type confusion when using logical assignment operators in...

SUSE-SU-2021:0259-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests CVE-2021-23954: Fixed a type confusion when using logical assignment operators in...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0246-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment operators ...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2021:0208-1 Rating: important References: 1181414 Cross-References: CVE-2020-15685 CVE-2020-26976 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964 Affected Products: openSUSE Leap 15.1 An upda...

OPENSUSE-SU-2021:0208-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird was updated to 78.7.0 ESR MFSA 2021-05, bsc1181414 CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests CVE-2021-23954: Fixed a type confusion when using logical assignment operato...