VMware Cloud Foundation Operations 安全漏洞

VMware Cloud Foundation Operations is a private cloud operations management platform provided by the American company VMware. There is a security vulnerability in VMware Cloud Foundation Operations. This vulnerability stems from multiple storage-based cross-site scripting vulnerabilities, which...

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from public access rights that are not checked by the core Broadcast Receiver. This vulnerability may allow unauthorized local software component...

Nozomi Networks CMC和Nozomi Networks Guardian 安全漏洞

Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have security...

CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4818

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

AWS VDP: Encryption context keys and values logged at INFO level

Component: cmd/server/main.go:101-106 Affected Version: aws-encryption-provider @ 4341c70 all versions Found by: Source audit TLP: TLP:Amber --- Summary The server startup code logs all encryption context key-value pairs at INFO level. Encryption context is metadata associated with KMS operations...

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven automated IT operations management platform provided by the American company VMware. It is suitable for private cloud, hybrid cloud, and multi-cloud environments. There is a security vulnerability in VMware Aria Operations, which stems from a...

Keylime 安全漏洞

Keylime is an open-source scalable trust system developed using TPM technology. Versions of Keylime 7.12.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of enforcement of client-side TLS authentication, which may allow unverified clients to execute...

GO-2025-4251 Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama

Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama...

net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY

...

EUVD-2018-13775

Malware in sbrugna...

EUVD-2025-19825

Malicious code in bioql PyPI...

EUVD-2025-30188

Malicious code in bioql PyPI...

EUVD-2025-30227

Malicious code in bioql PyPI...

EUVD-2025-30228

Malicious code in bioql PyPI...

CVE-2025-54860

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication. A wrong management of login failures of the service allows a...

CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-53969 Cognex In-Sight Explorer and In-Sight Camera Firmware Client-Side Enforcement of Server-Side Security

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the...

CVE-2025-54818 Cognex In-Sight Explorer and In-Sight Camera Firmware Cleartext Transmission of Sensitive Information

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channe...

CVE-2025-54497

CVE-2025-54497 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. A telnet-based service exposed on port 23 (requires authentication) can be misused by a user with protected privileges to invoke SetSerialPort and alter device properties (e.g., serial interface settings), violating the...