freeradius:3.0 security update

An update is available for module.freeradius, freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRADIUS is a high-performance and highly configurabl...

SUSE CVE-2026-11695

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-46481

OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TESTCONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in...

DEBIAN-CVE-2026-11695

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CLSA-2026-1779354447 shadow-utils: Fix of CVE-2023-4641

CVE-2023-4641: fix password leak in gpasswd...

CLSA-2026-1779267466 shadow-utils: Fix of CVE-2023-4641

CVE-2023-4641: fix password leak in gpasswd...

CVE-2026-6429

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability. This vulnerability stems from the fact that the...

EUVD-2026-27883

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

CVE-2026-34474

CVE-2026-34474 affects ZTE ZXHN H298A (1.1) and H108N (2.6) routers. A crafted request to the device’s web interface can cause a sensitive-data exposure, potentially returning the administrator password and WLAN PSK, which could enable authentication bypass and wireless/network compromise. Some f...

CURL-CVE-2026-6429 netrc credential leak with reused proxy connection

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

CVE-2026-6553

Changing backend users' passwords via the user settings module results in storing the cleartext password in the uc and usersettings fields of the beusers database table. This issue affects TYPO3 CMS version 14.2.0...

PT-2026-21532

Name of the Vulnerable Software and Affected Versions Shenzhen Tenda F3 Wireless Router firmware version V12.01.01.55 multi Description The router firmware contains a flaw where the configuration download feature reveals the router password and administrative password in plaintext. The response...

Azure Linux 3.0 Security Update: samba (CVE-2016-2124)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2016-2124 advisory. - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve...

MiracleLinux 7 : libosinfo-1.1.0-5.el7 (AXSA:2020-4560:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4560:01 advisory. Libosinfo: osinfo-install-script option leaks password via command line argument CVE-2019-13313 Tenable has extracted the preceding description block directl...

MiracleLinux 9 : shadow-utils-4.9-8.el9 (AXSA:2023-6622:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6622:03 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : shadow-utils-4.6-19.el8 (AXSA:2023-7078:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7078:04 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : gnome-shell-3.32.2-44.el8.ML.1 (AXSA:2022-3635:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3635:03 advisory. gnome-shell: Password from logged-out user may be shown on login screen CVE-2020-17489 Tenable has extracted the preceding description block directly from th...

CVE-2017-18432

In cPanel before 64.0.21, Horde MySQL to SQLite conversion can leak a database password SEC-234...