226 matches found
PT-2026-22942
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A flaw exists in a standardized wireless roaming protocol that may allow an attacker to install a manipulated Group Temporal Key (GTK) on a client device. Exploitation of this issue could lead to...
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...
CVE-2026-24779
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class, specifically within the load_from_url and load_from_url_async methods. An attacker can exploit differing interpretations of...
CVE-2025-59097
The exos 9300 application can be used to configure Access Managers (e.g. 92xx, 9230 and 9290). The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
EUVD-2025-206361
The exos 9300 application can be used to configure Access Managers (e.g. 92xx, 9230 and 9290). The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
Dormakaba Access Manager security vulnerabilities
The Dormakaba Access Manager is a smart hardware controller developed by the Dormakaba company in the United States. There are security vulnerabilities associated with the Dormakaba Access Manager. These vulnerabilities stem from the default configuration, where SOAP requests are sent to the Acce...
PT-2026-4747
The exos 9300 application can be used to configure Access Managers (e.g. 92xx, 9230 and 9290). The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
Security Bulletin: Astronomer with IBM is vulnerable to network segmentation abuse due to the moby package (CVE-2025-54410)
Summary: Moby is used by Astronomer with IBM as part of container management. Vulnerability Details: CVEID: CVE-2025-54410. DESCRIPTION: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream...
Beyond NSX: A Strategic Alternative for VMware Customers
Broadcom’s VMware acquisition has driven up costs and complexity. Akamai Guardicore Segmentation offers a modern, secure, and cost-efficient path beyond NSX...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-076 (ALASECS-2025-076)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-076 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container...
Rockwell Automation Compact GuardLogix 5370
RISK EVALUATION: Successful exploitation of this vulnerability could result in a denial-of-service. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...
Securing U.S. Critical Infrastructure: Lessons from Stuxnet and the Ukraine Power Grid Attacks
Industrial Control Systems (ICS) underpin the United States' critical infrastructure, managing essential services such as power, water, and transportation that are vital to national security and public safety. However, increasing digital integration has exposed these systems to escalating cyber...
EUVD-2005-4435
Malware in sbrugna...
EUVD-2005-4436
Malware in sbrugna...
EUVD-2025-23166
Malicious code in bioql PyPI...
CVE-2025-34201 Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container allows direct access to internal services (HTTP, Redi...
SUSE SLES15 Security Update : kernel (SUSE-SU-2025:02853-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02853-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
CVE-2025-54410
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
CVE-2025-54410 Moby's Firewalld reload removes bridge network isolation
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...