CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability
Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...
PAN-OS Management Interface - Path Confusion to Authentication Bypass
A vulnerability in the PAN-OS management interface allows authentication bypass through path confusion between Nginx and Apache handlers. The issue occurs due to differences in path processing between Nginx and Apache, where double URL encoding combined with directory traversal can bypass authenticati...
Juniper Junos OS Vulnerability (JSA92864)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA92864 advisory. - An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a...
Juniper Junos OS Vulnerability (JSA100092)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100092 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, lo...
EUVD-2026-21080
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...
CVE-2026-33787
The CVE-2026-33787 entry describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS chassisd on SRX1500, SRX4100, SRX4200, and SRX4600. When a specific show chassis CLI command is run, chassisd crashes and restarts, causing a momentary DoS with traffic disrupti...
CVE-2026-33779 Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect t...
Juniper Junos OS Vulnerability (JSA107866)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107866 advisory. - A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information...
Juniper Junos OS Vulnerability (JSA107875)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107875 advisory. - An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific,...
Juniper Junos OS Vulnerability (JSA100056)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100056 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge t...
EUVD-2026-18957
Electron: AppleScript injection in app.moveToApplicationsFolder on macOS...
Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. CVE-2026-27138: crypto/x509:...
QNAP Systems Media Streaming add-on Operating System Command Injection Vulnerability
The QNAP Systems Media Streaming add-on is a multimedia enhancement plugin developed by QNAP Systems, a company from Taiwan, China. The QNAP Systems Media Streaming add-on has a vulnerability related to operating system command injection. This vulnerability stems from command injections, which ma...
Juniper Junos OS Vulnerability (JSA103173)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103173 advisory. - A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges ...
CVE-2025-58381
A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait” to modify the path variables and move upwards in the directory structure or to traverse to different directories...
EUVD-2025-206658
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories...
CVE-2025-58382
A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload...
NVIDIA NSIGHT Graphics Operating System Command Injection Vulnerability
NVIDIA NSIGHT Graphics is a GPU graphics debugging and performance analysis tool from NVIDIA. NVIDIA NSIGHT Graphics suffers from an operating system command injection vulnerability that stems from a lack of input validation, which can be exploited by attackers to cause code execution, elevation ...
CVE-2026-21912 Junos OS: MX10k Series: 'show system firmware' CLI command may lead to LC480 or LC2101 line card reset
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC Ethernet firmware statistics of Juniper Networks Junos OS on MX10k Series allows a local, low-privileged attacker executing the 'show system firmware' CLI command to cause an LC480 or LC2101 line card to...
CVE-2022-33184
A vulnerability in fabseg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account...