12 matches found
EUVD-2026-27323
An issue was discovered in Gambio 4.9.2.0 patched in 2024-02 v1.0.0 for GX4 v4.0.0.0 to v4.9.2.0. The password reset function can be bypassed to set arbitrary passwords for arbitrary accounts if the ID is known...
CVE-2025-10573: Ivanti EPM Unauthenticated Stored Cross-Site Scripting (Fixed)
Ivanti Endpoint Manager “EPM” versions 2024 SU4 and below are vulnerable to stored cross-site scripting “XSS”. The vulnerability, tracked as CVE-2025-10573 and assigned a CVSS score of 9.6, was patched on December 9, 2025 with the release of Ivanti EPM version EPM 2024 SU4 SR1. An attacker with...
CVE-2025-7020
CVE-2025-7020 affects BYD DiLink 3.0 OS (e.g., ATTO3) on the In-Vehicle Infotainment storage. The issue is an incorrect encryption implementation in the system log dump feature, introduced in a patch intended to fix CVE-2024-54728. An attacker with physical access can bypass log-dump encryption an...
Security update for nodejs20
This update for nodejs20 fixes the following issues: CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency (bsc#1233856) Other fixes: - Updated to 20.18.1: Experimental Network Inspection Support in Node.js Exposes X509_V_FLAG_PARTIAL_CHAIN to tls.createSecureContext New...
Security update for cargo-c
This update for cargo-c fixes the following issues: Security fixes: CVE-2024-45405: Fixed gix-path improper path resolution (bsc#1230683) Other fixes: Update to version 0.10.3git0.ee7d7ef: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
PT-2024-9442 · Ipswitch · Whatsup Gold
Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2024.0.0 Description: The issue is related to a SQL Injection vulnerability in WhatsUp Gold, which can be exploited by an unauthenticated attacker to retrieve a user's encrypted password. The vulnerability is...
PT-2024-5637 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows kernel. This vulnerability allows attackers to elevate their privileges, potentially leading to syst...
Android Security Bulletin—June 2024
The Android Automotive OS (AAOS) Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2024-06-05 or later from the June 2024 Android Security Bulletin in addition to all issues in this...
PT-2024-4747
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a logic error in the code, which could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for...
Android Automotive OS Update Bulletin—February 2024
The Android Automotive OS (AAOS) Update Bulletin contains details of security vulnerabilities affecting the Android Automotive OS platform. The full AAOS update comprises the security patch level of 2024-02-05 or later from the February 2024 Android Security Bulletin in addition to all issues in th...
UBUNTU-CVE-2024-21646
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
Pixel Update Bulletin—January 2024
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices (Google devices). For Google devices, security patch levels of 2024-01-05 or later address all issues in this bulletin and all issues in the January 2024 Android...