CVE-2026-9291

Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to...

CVE-2026-9291

Summary: CVE-2026-9291 describes an insecure deserialization flaw in the Amazon Braket SDK’s job results processing. Affected software: Amazon Braket SDK (job results processing component) before version 1.117.0. Impact (as stated): A remote authenticated user with S3 write access to the job outp...

EUVD-2026-31483

Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We recommend you upgrade to...

Astra Linux - уязвимость в net-snmp

The handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP versions 5.8 through 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

CVE-2026-41364

OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archives containing symlinks to escape the sandbox and overwrite files on the remote host...

Advisory ROSA-SA-2026-3199

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 unaffected versions = rsync-3.1.3-23.rv3 affected versions rsync-3.1.3-23.rv3 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync...

SUSE多款产品 安全漏洞

SUSE Manager and SUSE Manager Server are both products of SUSE Germany.SUSE Manager is a Linux server management system. The system provides automated software management, system configuration, and monitoring.SUSE Manager Server is an infrastructure management solution designed to simplify and...

PT-2023-6408 · Spring · Spring Amqp

Name of the Vulnerable Software and Affected Versions: Spring AMQP versions 1.0.0 through 2.4.16 Spring AMQP versions 3.0.0 through 3.0.9 Description: The issue is related to shortcomings in the deserialization mechanism of the Spring AMQP RabbitMQ application. This could allow a remote attacker ...

net-snmp: NULL Pointer Exception when handling ipDefaultTTL

A vulnerability was found in Net-SNMP. This issue occurs because the handleipDefaultTTL function in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker who has to write access to cause the instance to crash via a crafted UDP packet,...

SUSE CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. dot dot in a diff file name...

handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet resulting in Denial of Service.

...

ALPINE-CVE-2022-44792

handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

OSIsoft PI Vision 跨站脚本漏洞

Osisoft OSIsoft PI Vision is a suite of visualization tools from OSIsoft Osisoft USA that supports accessing PI System data from mobile devices, and supports self-configuration of trends, images, and data values in order to present data information. A cross-site scripting vulnerability exists in...

Authorization Bypass

JBoss Application Server is the base package for JBoss Enterprise Application Platform, providing the core server components. The Java Naming and Directory Interface JNDI Java API allows Java software clients to locate objects or services in an application server. The Java Authorization Contract...

DEBIAN-CVE-2016-5418

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file...

Adobe Flash Player & Compiler Security Mechanism Bypass Vulnerability

Adobe Flash Player, Adobe AIR SDK, and Adobe AIR SDK & Compiler are products of Adobe, Incorporated.Adobe Flash Player is a multimedia player; Adobe AIR SDK and Adobe AIR SDK & Compiler are standard development kits for Adobe AIR a cross-OS runtime environment. Adobe Flash Player is a multimedia...

RHEL 5 : jbossas (RHSA-2012:1025)

Updated jbossas packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3.0 CP10 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVS...

JNDI: unauthenticated remote write access is permitted by default

The 1 JNDI service, 2 HA-JNDI service, and 3 HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly...

JNDI: unauthenticated remote write access is permitted by default

The 1 JNDI service, 2 HA-JNDI service, and 3 HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly...

JNDI: unauthenticated remote write access is permitted by default

The 1 JNDI service, 2 HA-JNDI service, and 3 HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly...