475 matches found
Electerm has an unvalidated shell.openExternal that allows arbitrary protocol execution via terminal link click
Impact: Electerm's terminal hyperlink handler passes any URL clicked in the terminal directly to shell.openExternal without any protocol validation. When a user connects to a malicious SSH server, the attacker can print a crafted URI in the terminal output. If the victim clicks the link,...
Important: Red Hat Security Advisory: General availability of the satellite/iop-puptoo-rhel9 container image
A new satellite/iop-puptoo-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...
Important: Red Hat Security Advisory: General availability of the satellite/iop-host-inventory-frontend-rhel9 container image
A new satellite/iop-host-inventory-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of stack-local variables as source data during KVM x86 MMIO writes. When writing data tha...
CVE-2026-28264
Dell PowerProtect Agent Service, versions prior to 20.1, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...
Ubuntu: Security Advisory (USN-8153-1)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: General availability of the satellite/iop-insights-engine-rhel9 container image
A new satellite/iop-insights-engine-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...
Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-backend-rhel9 container image
A new satellite/iop-advisor-backend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...
Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-frontend-rhel9 container image
A new satellite/iop-advisor-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services...
EUVD-2026-13267
OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the...
CVE-2026-24311
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
Neo4j Enterprise Edition security vulnerability
Neo4j Enterprise Edition is a graph database developed by the American company Neo4j. Versions prior to 2026.02 and 5.26.22 contained security vulnerabilities. These vulnerabilities were caused by errors in namespace resolution within composite databases, which could potentially allow...
Easy File Sharing Web Server buffer error vulnerability
Easy File Sharing Web Server is an open-source file sharing server developed by Easy File Server. Version 7.2 of Easy File Sharing Web Server contains a buffer error vulnerability, which stems from an issue with handling local structured data exceptions, leading to a buffer overflow. This...
EUVD-2026-10833
The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-10447
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
EUVD-2026-10446
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
CVE-2026-24311
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
CVE-2026-24311
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
CVE-2026-24311 Insecure Storage Protection vulnerability in SAP Customer Checkout 2.0
The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user-initiated interaction, may allow modifications to occur without validation. Such changes coul...
SAP Customer Checkout security vulnerability
SAP Customer Checkout is a sales terminal management system for retail and catering scenarios developed by the German company SAP. There is a security vulnerability in SAP Customer Checkout. This vulnerability stems from the use of a reversible protection mechanism to locally store operation data...