9833 matches found
PT-2026-52105
Name of the Vulnerable Software and Affected Versions Sentry versions 24.4.0 through 26.5.1 Description A Regular Expression Denial of Service ReDoS exists in the event ingestion pipeline. This occurs when a regular expression is applied to attacker-controlled fields on incoming events, allowing...
CVE-2026-12163
Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting XSS vulnerability in the Asset View UI component. An authenticated user with sufficient privileges to create or modify affected node or database configuration fields...
CVE-2026-12164
Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...
CVE-2026-12164
Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...
CVE-2026-12164 Privilege Escalation in Fortra File Integrity Monitoring (FIM)
Fortra File Integrity Monitoring FIM, formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission...
[SECURITY] Fedora 44 Update: prometheus-3.12.0-1.fc44
The Prometheus monitoring system and time series database...
[SECURITY] Fedora 43 Update: prometheus-3.12.0-1.fc43
The Prometheus monitoring system and time series database...
PT-2026-51605
Name of the Vulnerable Software and Affected Versions Fortra File Integrity Monitoring FIM versions prior to 9.4.0 Description An issue exists where incorrect or elevated effective permissions may be assigned to users created by the tetool import command while the software is running. This occurs...
A VBScript campaign distributed through WhatsApp deploying RMM software
In June 2026, we observed a malware campaign distributing malicious VBScript files through direct messages in WhatsApp. The campaign affected users across multiple countries and territories, including Malaysia, Brazil, India, Mexico, Singapore, UK, Spain, Taiwan, Australia, Russia and Vietnam, wi...
Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments
Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/amd: Fixed a crash that occurred due to a race between amdpmuenableall, perf NMI, and throttling. amdpmuenableall does the following: if !testbitidx, cpuc-activemask continue; amdpmuenableeventcpuc-eventsidx; A perf N...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d The issue of NULL pointer dereferencing was fixed by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...
Astra Linux – Vulnerability in Linux
A flaw related to memory leaks in the Linux kernel’s performance monitoring subsystem was discovered due to the use of PERFEVENTIOCSETFILTER. A local user could exploit this flaw to deplete resources, resulting in a denial of service...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: kernfs: Fixed a UAF Use-after-Free issue during polling when the opened file is released. A Use-after-Free vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-fre...
Astra Linux – Vulnerability in Zabbix
A regular Zabbix user without access to the Monitoring - Problems view can still call the problem.view.refresh action, and thus still retrieve a list of active problems...
Security Bulletin: IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent
Summary IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol...
CVE-2026-39581
CVE-2026-39581 documents a SQL Injection in the WordPress plugin WP Sessions Time Monitoring Full Automatic for versions
CVE-2026-39581 WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.4 - SQL Injection vulnerability
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...
EUVD-2026-37047
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...