VEGA VEGAPULS 6X 访问控制错误漏洞

VEGA VEGAPULS 6X is a series of radar level measurement sensors from the German company VEGA. The VEGA VEGAPULS 6X features two-wire PROFINET, Modbus TCP, and OPC UA interfaces. There are access control vulnerability issues associated with these devices; these vulnerabilities stem from insecurely...

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

CVE-2026-22077

OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure...

OPPO Wallet 访问控制错误漏洞

OPPO Wallet is a mobile wallet application developed by OPPO Corporation in China. It integrates payment, card and coupon management, as well as digital lifestyle services. OPPO Wallet has a access control vulnerability, which stems from a trust domain verification flaw. This vulnerability could...

Cisco IOS XE Software DoS (cisco-sa-iosxe-mntc-dos-LZweQcyq)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014322 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's...

[SECURITY] Fedora 44 Update: qt6-qtquicktimeline-6.10.3-1.fc44

The Qt Quick Timeline plugin provides QML types to use timelines and keyframes to animate Qt Quick user interfaces...

[SECURITY] Fedora 44 Update: goose-1.23.2-8.fc44

Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...

CVE-2026-41421

SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer. The notification route POST /api/notification/pushMsg accepts a user-controlled msg value, forwards it through the backend broadcast...

CVE-2026-35064

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

CVE-2026-35064

CVE-2026-35064 concerns SenseLive X3050’s management ecosystem. The vulnerability allows unauthenticated discovery of deployed units via the vendor’s management protocol, enabling an attacker on the same network segment to identify device presence, identifiers, and management interfaces because d...

CVE-2026-35064 SenseLive X3050 Missing authentication for critical function

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

EUVD-2026-25358

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the work item “pmsrfreewk” is not canceled in the cfg80211 component. This...

PT-2026-34806

A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are...

ID-Eraser: Proactive Defense against Face Swapping Via Identity Perturbation

Deepfake technologies have rapidly advanced with modern generative AI, and face swapping in particular poses serious threats to privacy and digital security. Existing proactive defenses mostly rely on pixel-level perturbations, which are ineffective against contemporary swapping models that extra...

Fedora 42 : composer (2026-d91f313a63)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d91f313a63 advisory. Version 2.9.7 - 2026-04-14 Fixes regression calling custom script command aliases that are called a substring of a composer command 12802 ---- Versi...

Cisco IOS XE Software Lobby Ambassador Privilege Escalation (cisco-sa-iosxe-lobby-privesc-KwxBqJy)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would...