Linux Distros Unpatched Vulnerability : CVE-2022-21434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are...

Linux Distros Unpatched Vulnerability : CVE-2018-6150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2018-6036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2015-4908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different...

CVE-2025-43988

KuWFi 5G01-X55 FL2020V0.0.12 devices expose an unauthenticated API endpoint ajaxget.cgi, allowing remote attackers to retrieve sensitive configuration data, including admin credentials...

NVIDIA Triton Inference Server Python Out-of-Bounds Read Vulnerability

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...

The vulnerability of the `update-ldcache` function in software for creating and running NVIDIA Container Toolkit containers and NVIDIA GPU Operator resource management software allows a malicious actor to gain unauthorized access to protected information or cause service failures.

The vulnerability in the update-ldcache function of software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, arises from an improper definition of symbolic references before accessing files. Exploiting this vulnerabili...

The vulnerability of the Fortinet FortiPortal security analysis and management tool, related to improper handling of path equivalence, allows for the disclosure of protected information.

The vulnerability of the Fortinet FortiPorta security management and analysis tool is related to improper resolution of path equivalence. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable...

The vulnerability of the distributed Git version control system, related to improper filtering of output data, allows a malicious actor to gain read, modify, or delete access to data, or execute arbitrary code.

The vulnerability of the distributed Git version control system is related to improper filtering of output data during the extraction or sending of message exchanges from the server. Exploiting this vulnerability can allow a remote attacker to gain read, modify, or delete access to data, or execu...

NVIDIA Triton Inference Server 安全漏洞

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An out-of-bounds...

The vulnerability of the WeGIA web manager’s script /html/saude/profile_paciente.php, which allows a hacker to disclose confidential information

The vulnerability of the WeGIA web manager’s script /html/saude/profilepaciente.php is related to the failure to protect the SQL query structure when processing the parameter idfuncionario. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose confidential informati...

The software’s vulnerability related to secure remote access to data in Palo Alto Networks GlobalProtect App allows a intruder to escalate their privileges. This vulnerability arises from errors in privilege management.

The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of Zoom, a video conferencing software, related to the falsification of cross-site requests, allows attackers to disclose protected information.

The vulnerability of Zoom video conferencing software is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the sub_41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming software, which allows a hacker to disclose confidential information

The vulnerability of the sub41F0FC function in the /H5/webgl.data file of the D-Link DI-7003GV2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to disclose confidential information remotely...

The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects. This allows attackers to gain unauthorized access to protected information or circumvent existing security restrictions, thereby causing service failures.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or circumvent existing security...

CLSA-2025-1752655009 java-1.8.0-openjdk: Fix of 7 CVEs

CVE-2024-20952: remote data access or modification in sandboxed clients - CVE-2024-20932: modify or access sensitive data in sandboxed client environments - CVE-2024-20918: remote data access or modification in sandboxed clients - CVE-2024-20926: remote data access in sandboxed clients -...

CVE-2025-30762

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the exposure to information due to inconsistencies, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to the exposure of information due to inconsistencies. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data remotely...