2551 matches found
Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting
Verint Workforce Optimization 15.2.8.10048 contains a cross-site scripting vulnerability via the control/mynotifications NEWUINAV parameter. id: CVE-2021-36450 info: name: Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting author: atomiczsec severity: medium description: Verint...
Astro - Unauthorized Third-Party Image Access
Astro 5.13.2 and 4.16.18 contain an information disclosure vulnerability caused by improper validation of protocol-relative URLs in the image optimization endpoint, letting attackers serve images from unauthorized third-party domains; exploitation requires an on-demand rendering deployment. id:...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.3.5 (CUDA)
Red Hat AI Inference Server Model Optimization Tools 3.3.5 CUDA is now available. Red Hat® AI Inference Server Model Optimization Tools...
Astra Linux – Vulnerability in Firefox and Thunderbird
Due to incorrect JIT optimization, we misinterpreted data from the wrong type of object, resulting in the potential leakage of a single bit of memory. This vulnerability affects Firefox 91 and Thunderbird 91...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30_apply_idle_power_optimizations function. These variables wer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390: Disabling ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP According to Luiz Capitulino, enabling HVO on s390 leads to reproducible crashes. The issue arises because the kernel’s page tables are modified without flushing the corresponding TL...
Astra Linux – Vulnerability in SQLite3
In SQLite 3.31.1, the isAuxiliaryVtabOperator function allows attackers to trigger a NULL pointer dereferencing and segmentation fault due to generated column optimizations...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: core: scsi_host_busy should be moved out of the host lock to wake up the EH handler. Inside scsi_eh_wakeup, scsi_host_busy is called and checked with the host lock every time to determine whether the error handler kthread needs t...
Security Bulletin: Multiple Vulnerabilities affect IBM Decision Optimization for Cloud Pak for Data.
Summary Multiple Vulnerabilities were addressed in IBM Decision Optimization for Cloud Pak for Data version 5.3.1 patch 6 Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname...
New Forrester Total Economic Impact™ study projects a 124% ROI from unifying with Microsoft Security
Across many industries, organizations are unifying security and putting AI agents to work. Security teams are utilizing agents that reason, decide, and act on their behalf, under their governance. At Microsoft, we see this firsthand—more than 80% of the Fortune 500 are already using AI. The...
Reachable Assertion
Overview vllm is a high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Reachable Assertion via the resolve_obj_by_qualname function. An attacker can execute arbitrary code by publishing a malicious model with a crafted...
CVE-2025-68840
CVE-2025-68840 is a reflected XSS vulnerability in the WordPress plugin iRobots.txt SEO, affected versions:
PT-2026-49350
Unauthenticated Cross Site Scripting XSS in iRobots.txt SEO = 1.1.2 versions...
PT-2026-49364
Name of the Vulnerable Software and Affected Versions Rank Math SEO versions prior to 1.0.272 Description Broken access control allows users with the Subscriber role to perform unauthorized actions within the plugin. Recommendations Update to version 1.0.272 or later...
CVE-2026-53608
ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the @apostrophecms/seo package inject the Google Analytics Tracking ID seoGoogleTrackingId and Google Tag Manager ID seoGoogleTagManager directly into tag bodies using JavaScript template...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (cuda)
Red Hat AI Inference Server Model Optimization Tools 3.2.2 cuda is now available. Red Hat® AI Inference Server Model Optimization Tools...
Important: Red Hat Security Advisory: Red Hat AI Inference Model Optimization Tools 3.4.1 (cuda)
Red Hat AI Inference Model Optimization Tools 3.4.1 cuda is now available. Red Hat AI Inference Model Optimization Tools...
Hardware-Aware QAOA for Honeypot Traffic Partitioning on 100+ Qubit IBM Quantum Processors
Denial-of-service DoS and distributed denial-of-service DDoS mitigation requires separating malicious traffic from benign traffic while minimizing disruption to legitimate users. Prior work proposed mapping honeypot traffic partitioning to a weighted MaxCut problem and solving the resulting graph...
Security Bulletin: Multiple Vulnerabilities affect IBM Decision Optimization for Cloud Pak for Data.
Summary Multiple Vulnerabilities were addressed in IBM Decision Optimization for Cloud Pak for Data version 5.3.1 patch 2 Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The...
CVE-2026-46256
In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...