72 matches found

Positive Technologies
added 2026/05/20 12:0 a.m., 13 views

PT-2026-42119

Name of the Vulnerable Software and Affected Versions: FreePBX (affected versions not specified). Description: Hardcoded credentials in the Userman module allow unauthenticated access to the portal, potentially exposing business phone systems. Recommendations: Update the installed modules to the latest...

CVSS 9.8 | AI score 5.8 | EPSS 0.00425
Exploits 1 | References 11

OSV
added 2026/05/16 11:58 a.m., 9 views

CLSA-2026-1778932682 python3: Fix of CVE-2024-4032

CVE-2024-4032: update ipaddress module to reflect latest IANA Special-Purpose Address Registries...

CVSS 7.5 | AI score 5.8 | EPSS 0.01042
Exploits 0 | References 1

Oracle Linux
added 2026/05/05 12:0 a.m., 13 views

kernel security update

6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

CVSS 9.8 | AI score 6.2 | EPSS 0.94016
Exploits 227

GitHub Security Blog
added 2026/05/04 9:30 p.m., 8 views

OpenSTAManager contains an arbitrary file upload vulnerability in its module update functionality

OpenSTAManager versions 2.10 and earlier contain an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/upload_modules.php...

CVSS 7.2 | AI score 5.9 | EPSS 0.00372
Exploits 1 | References 4 | Affected Software 1

Cvelist
added 2026/05/04 12:0 a.m., 33 views

CVE-2026-38751

OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/upload_modules.php...

EPSS 0.00372
Exploits 1 | References 2

CVE
added 2026/05/04 12:0 a.m., 19 views

CVE-2026-38751

CVE-2026-38751 affects OpenSTAManager versions prior to 2.11 (2.10 and earlier) and is an arbitrary file upload vulnerability in the module update endpoint (modules/aggiornamenti/upload_modules.php). The Red Hat/NVD/CVE records, along with PT-Security and CVE enrichment sources, confirm a vulnera...

CVSS 7.2 | AI score 5.9 | EPSS 0.00372
Exploits 1 | References 2 | Affected Software 1

Vulnrichment
added 2026/05/04 12:0 a.m., 8 views

CVE-2026-38751

OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/upload_modules.php...

AI score 5.9 | EPSS 0.00372
Exploits 1 | References 2

CNNVD
added 2026/05/04 12:0 a.m., 8 views

OpenSTAManager code issue vulnerability

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.10 and earlier had code-related vulnerabilities, which stemmed from arbitrary file upload vulnerabilities in the module update function...

CVSS 7.2 | AI score 5.9 | EPSS 0.00372
Exploits 1 | References 2

EUVD
added 2026/05/04 12:0 a.m., 9 views

EUVD-2026-27086

OpenSTAManager version 2.10 and earlier contains an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/upload_modules.php...

AI score 5.9 | EPSS 0.00372
Exploits 1 | References 2

Vulnrichment
added 2026/03/05 1:28 a.m., 4 views

CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings from the 7ASecurity audit of zlib. This includes fixes for...

AI score 5.8 | EPSS 0.00548
Exploits 1 | References 7

Positive Technologies
added 2026/01/01 12:0 a.m., 7 views

PT-2026-28316

Name of the Vulnerable Software and Affected Versions: Node.js versions 20.x, 22.x, 24.x and v25.x. Description: A flaw in Node.js HTTP request handling results in an uncaught TypeError when a request includes a header named proto and the application accesses req.headersDistinct. Specifically, dest"...

CVSS 7.8 | AI score 7.2 | EPSS 0.13066
Exploits 0 | References 121

RedhatCVE
added 2025/12/12 1:6 a.m., 4 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua...

CVSS 8.8 | AI score 7.9 | EPSS 0.01809
Exploits 1 | References 1

NVD
added 2025/12/11 7:15 p.m., 6 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua...

CVSS 8.8 | EPSS 0.01809
Exploits 1 | References 2

OSV
added 2025/12/11 7:15 p.m., 3 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua...

CVSS 8.8 | AI score 6.1 | EPSS 0.01809
Exploits 1 | References 2

Positive Technologies
added 2025/12/11 12:0 a.m., 7 views

PT-2025-50691

Name of the Vulnerable Software and Affected Versions: Ruijie RG-S1930 versions S1930SWITCH 3.01B11P230. Description: An OS Command Injection issue exists in Ruijie RG-S1930. Successful exploitation allows attackers to execute arbitrary commands. This is achieved by sending a crafted POST request to...

CVSS 8.8 | AI score 7.2 | EPSS 0.01809
Exploits 1 | References 4

Vulnrichment
added 2025/12/11 12:0 a.m., 2 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua...

AI score 7.5 | EPSS 0.01809
Exploits 1 | References 2

CNNVD
added 2025/12/11 12:0 a.m., 3 views

Ruijie RG-S1930 security vulnerability

The Ruijie RG-S1930 is a series of Layer 2 network management switches from Ruijie China. A security vulnerability exists in the Ruijie RG-S1930 S1930SWITCH3.01B11P230 version, which originates from improper handling of a specially crafted POST request for module_update in the file...

CVSS 8.8 | AI score 7 | EPSS 0.01809
Exploits 1 | References 2

CVE
added 2025/12/11 12:0 a.m., 8 views

CVE-2025-56130

The CVE-2025-56130 affects Ruijie RG-S1930 series switches (S1930SWITCH_3.0(1)B11P230). AOS vulnerability: OS Command Injection via a crafted POST to the module_update endpoint in /usr/local/lua/dev_config/ace_sw.lua. Impact is arbitrary command execution with high severity (CVSS 3.1: AV:N/AC:L/P...

CVSS 8.8 | AI score 7.5 | EPSS 0.01809
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2025/12/11 12:0 a.m., 19 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the module_update in file /usr/local/lua/dev_config/ace_sw.lua...

EPSS 0.01809
Exploits 1 | References 2

Fedora
added 2025/11/06 2:24 a.m., 6 views

[SECURITY] Fedora 42 Update: qt5-qttranslations-5.15.18-1.fc42

Qt5 - QtTranslations module...

AI score 7.1
Exploits 0