1611 matches found
EUVD-2025-29552
Malicious code in bioql PyPI...
CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
DEBIAN-CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
UBUNTU-CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
CVE-2025-49641 Insufficient permission check for the problem.view.refresh action
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
CVE-2025-49641 Insufficient permission check for the problem.view.refresh action
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
CVE-2025-49641
CVE-2025-49641 affects Zabbix deployments; a regular user without access to Monitoring → Problems can call problem.view.refresh and retrieve a list of active problems. Root cause described as insufficient permission checks for the problem.view.refresh action. The connected sources (Red Hat, Debia...
CVE-2025-49641
A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...
PT-2025-40516
Name of the Vulnerable Software and Affected Versions Zabbix affected versions not specified Description A standard Zabbix user lacking the necessary permissions for the Monitoring - Problems view can still execute the problem.view.refresh action, allowing them to retrieve a list of active...
Insufficient Session Expiration
github.com/coder/coder/v2 is vulnerable to Insufficient Session Expiration. The vulnerability is due to session expiration bypass due to Coder allowing a web session to remain active when the OpenID Connect provider does not return a refresh token, so the session can continue past the IdP-issued...
AZL-72343 CVE-2025-39851 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object VXLAN FDB entries can point to either a remote destination or an FDB nexthop group. The latter is usually used in EVPN deployments where learning is disabled...
MAL-2025-47261 Malicious code in @operato/pull-to-refresh (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 39c531d69236f30c439fba626f7b50e5ec2e952f4f6f6f933a5ae1603f7494b1 Any computer that has this package installed or running should be considered fully compromised. All...
CLSA-2025-1758034087 kernel: Fix of 24 CVEs
tls: always refresh the queue when reading sock CVE-2025-38471 - Bluetooth: hcicore: Fix use-after-free in vhciflush CVE-2025-38250 - i2c/designware: Fix an initialization issue CVE-2025-38380 - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds CVE-2025-38159 - mm/hugetlb:...
CVE-2025-10290
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability was fixed in Focus for iOS...
CVE-2025-10290 Opening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websites
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability was fixed in Focus for iOS...
CVE-2025-10290 Opening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websites
Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press. This vulnerability was fixed in Focus for iOS...
Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...
PT-2025-37927
Name of the Vulnerable Software and Affected Versions: Focus for iOS versions prior to 143.0 Description: Opening links via the contextual menu for certain URL schemes would fail to load, but the toolbar would not refresh correctly. This could allow attackers to spoof websites if users were coerc...