PT-2026-2465

Name of the Vulnerable Software and Affected Versions Dell SupportAssist OS Recovery versions prior to 5.5.15.1 Description Dell SupportAssist OS Recovery contains a flaw related to the creation of temporary files with insecure permissions. A local attacker with low privileges could potentially...

Vanilla OS 2 Core image 安全漏洞

Vanilla OS 2 Core image is an open source base system image for Vanilla OS. A security vulnerability exists in Vanilla OS 2 Core image version v1.1.0, which stems from the use of static keys by the SSH service and could lead to a man-in-the-middle attack...

PT-2026-2433

Name of the Vulnerable Software and Affected Versions fabricators Ltd Vanilla OS 2 Core image version 1.1.0 Description The software contains static keys for the SSH service. This may allow attackers to execute a man-in-the-middle attack during connections with other hosts. Recommendations At the...

CVE-2024-54855

fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS that stems from improper handling of input in the web-based management interface, which could trigger unexpected behavior...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS versions 10 and 8, which stems from an arbitrary file upload vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

Photon OS 5.0: Linux PHSA-2026-5.0-0735

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0735. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

PT-2026-2461

Name of the Vulnerable Software and Affected Versions mobility conductors versions AOS-8 and AOS-10 Description An arbitrary file deletion issue exists in the command-line interface of mobility conductors. A remote attacker with authentication could delete arbitrary files within the affected...

Microsoft Windows 输入验证错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. Microsoft Windows suffers from an input validation error vulnerability. An attacker could exploit this vulnerability to remotely execute code. The following products and editions are...

Microsoft Windows SMB Server 竞争条件问题漏洞

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

PT-2026-2767

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS that stems from a command injection vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

PT-2026-2341

Name of the Vulnerable Software and Affected Versions SAP Application Server for ABAP and SAP NetWeaver RFCSDK affected versions not specified Description An authenticated attacker with administrative access and adjacent network access could potentially execute arbitrary operating system commands...

PT-2026-2456

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

PT-2026-2458

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

PT-2026-2442

Name of the Vulnerable Software and Affected Versions Progress LoadMaster affected versions not specified Description An authenticated attacker with “User Administration” permissions can execute arbitrary commands on the LoadMaster appliance. This is due to unsanitized input in the API input...

PT-2026-3195

Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description An authenticated user with standard operating system privileges could modify TCL Macro scripts. Successful exploitation may lead to privilege escalation to the operating system...

CVE-2024-54855

fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts...

Hewlett Packard Enterprise ArubaOS 安全漏洞

Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from the presence of a stack overflow that could lead to the execution of arbitrary code...

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE, USA. A security vulnerability exists in HPE AOS 8 that stems from a command injection vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...