Schneider Electric PowerChute Serial Shutdown Security Bypass Vulnerability (CNVD-2026-18328)

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. A security bypass vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improper validation of a specified number of...

CVE-2026-2403

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...

CVE-2026-2403

CWE-1284 Improper Validation of Specified Quantity in Input vulnerability exists that could cause Event and Data Log truncation impacting log integrity when a Web Admin user alters the POST /logsettings request payload...

PT-2026-32675

Name of the Vulnerable Software and Affected Versions PowerChute Serial Shutdown affected versions not specified Description Improper validation of specified quantity in input occurs when a Web Admin user alters the payload of the 'POST /logsettings' request. This issue can lead to Event and Data...

Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric France. A security bypass vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improper validation of a specified number of...

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

CVE-2025-67859 Polkit Authorization Check can be Bypassed in the TLP power daemon

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

CVE-2025-67859

The CVE-2025-67859 entry relates to an improper authentication vulnerability in the TLP power daemon (Polkit-related) that allows a local user to arbitrarily change the active power profile and the daemon’s log settings. Affected software is TLP (versions 1.9 before 1.9.1). The issue is categoriz...

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1...

EUVD-2020-20195

Malware in sbrugna...

EUVD-2025-31207

Malicious code in bioql PyPI...

CVE-2020-27691

The Relish Verve Connect VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings...

389-ds-base security update

2.6.1-8 - Resolves: RHEL-83876 - CVE-2025-2487 389-ds-base: null pointer dereference leads to denial of service rhel-9.6 2.6.1-7 - Bump version to 2.6.1-7 2.6.1-6 - Resolves: RHEL-86065 - Backport lib389 fixes required for WebUI rhel-9.6.z - Resolves: RHEL-80713 - Increased memory consumption...

CVE-2024-11923

Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub Formerly named Helpsystems One prior to version 1.3...

CVE-2024-11923 Sensitive Information Disclosure in Fortra Application Hub Prior to version 1.3

Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub Formerly named Helpsystems One prior to version 1.3...

PT-2025-1715 · Fortra · Fortra Application Hub

Name of the Vulnerable Software and Affected Versions: Fortra Application Hub versions prior to 1.3 Description: The issue concerns the logging of credentials in the iam logfile under certain log settings. This occurs in the IAM or CORE service of Fortra Application Hub. Recommendations: For...

CVE-2023-41113

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It allows an authenticated user to to obtain information about whether certain files exist on disk, what errors if any occ...

Webmin 跨站脚本漏洞

Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.021, which stems from a Stored Cross-Site Scripting XSS vulnerability found in the configuration settings of the system logging...