Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure have cross-site scripting vulnerabilities

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are products of Cisco, a company based in the United States. Cisco Evolved Programmable Network Manager is a network management solution. Cisco Prime Infrastructure is an application software designed to simplify the...

Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...

RHSA-2026:0293 Red Hat Security Advisory: pki-servlet-engine security update

Bulletin has no description...

ROS-20260113-7338

A vulnerability in the dcn30inithw function of the drivers/gpu/drm/amd/display/dc/dcn30/dcn30hwseq.c module of the AMD graphics card Direct Rendering Infrastructure DRI support driver of the Linux operating system kernel is related to pointer dereferencing. Exploitation of the vulnerability could...

ROS-20260113-7308

A vulnerability in the dmupdatemstvcpislotsfordsc function of the Direct Rendering Infrastructure DRI support driver of AMD graphics cards in the Linux operating system kernel is related to insufficient input validation when dividing by zero. Exploitation of the vulnerability could allow an...

ROS-20260113-7305

A vulnerability in the dcnbwupdatefrompplibfclks function of the Direct Rendering Infrastructure DRI support driver of AMD graphics cards in the Linux operating system kernel is related to integer overflow or cyclic shift. Exploitation of the vulnerability could allow an attacker to cause a denia...

USN-7922-5 linux-iot vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

USN-7922-5: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...

ROS-20260112-7374

A vulnerability in the isdscneedrecompute function of the drivers/gpu/drm/amd/display/amdgpudm/amdgpudmmsttypes.c module of the Direct Rendering Infrastructure DRI support driver for AMD graphics cards in the Linux operating system kernel is related to pointer dereferencing. Exploitation of the...

USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

USN-7928-5 linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

USN-7928-5: Linux kernel (KVM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Network drivers; - AFS file system; - F2FS file system; - Tracing...

CVE-2018-12884

In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...

Palo Alto Crosswalk Signals Had Default Passwords

Palo Alto's crosswalk signals were hacked last year. Turns out the city never changed the default passwords...

CVE-2009-4327

The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service memory consumption via unspecified vectors...

CVE-2021-22014

The vCenter Server contains an authenticated code execution vulnerability in VAMI Virtual Appliance Management Infrastructure. An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter...

Exploit for Deserialization of Untrusted Data in Microsoft

Incident Investigation Report Case Title: WSUS Exploi...

CVE-2022-0184

Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode...

CVE-2019-2696

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVE-2011-0825

Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect confidentiality, integrity, and availability, related to Enterprise Infrastructure SEC...