Security Bulletin: Multiple vulnerabilities in OpenSSH affect AIX

Summary There are multiple vulnerabilities in OpenSSH used by AIX CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2026-35385 DESCRIPTION: In OpenSSH before 10.3, a file downloaded by scp may b...

CVE-2024-47270

Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7, Sonoma 14.8, and Tahoe 26. These vulnerabilities stem from permission issues, which may allow applications to modify the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the getdumpable logic in ptrace, potentially leading to permission-related...

CVE-2026-41959

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems. Note: Software versions which have...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.5 had a security vulnerability due to permission issues, which could allow applications to access protected user data...

EUVD-2026-25019

The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleadi...

Apple Xcode 安全漏洞

Apple Xcode is an integrated development environment provided by the American company Apple for developers. It is primarily used for developing applications for Mac OS X and iOS. Versions of Apple Xcode prior to 26.4 contained security vulnerabilities, which were due to permission issues,...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from permission issues, which may allow applications to modif...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from permission issues, which may allow applications to modif...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

Vaultwarden 安全漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden prior to 1.35.4 contained security vulnerabilities. These vulnerabilities stemmed from the Manager’s ability to execute multiple management operations even when the...

Apple iOS and Apple iPadOS security vulnerabilities

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 18.3 and Apple iPadOS prior to 18.3 contained security vulnerabilities. These...

Apple Xcode security vulnerabilities

Apple Xcode is an integrated development environment provided by the American company Apple for developers. It is primarily used for developing applications for Mac OS X and iOS platforms. Versions of Apple Xcode prior to 16.3 contained security vulnerabilities due to permission issues, which cou...

Apple iOS and Apple iPadOS security vulnerabilities

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 18.3 and iPadOS prior to 18.3 contained security vulnerabilities. These...

CVE-2018-12884

In Octopus Deploy 3.0 onwards before 2018.6.7, an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu...

CVE-2017-18450

cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convertroundcubemysql2sqlite SEC-255...

CVE-2019-12433

An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility settings allow creating internal projects in private groups, leading to multiple permission issues...

JLSEC-2025-305 A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existen...

A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones...