PT-2026-45247

A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api holidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be...

CVE-2026-3609 XIGNCODE3 xhunter1.sys kernel driver contains a Privilege Escalation Vulnerability

Wellbia's XIGNCODE3 xhunter1.sys kernel driver Privilege Escalation Vulnerability provides access to IRPMJREITS command interface, which allows any user process to request a PROCESSALLACCESS. Cross reference to KVE 2023-5589 https://krcert.or.kr...

OpenStack Cyborg 安全漏洞

OpenStack Cyborg is an open-source acceleration resource management and scheduling service component of OpenStack. Versions of OpenStack Cyborg prior to 16.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the accelerator request API did not enforce project...

PT-2025-49154

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description An out-of-bounds write issue exists in the certificate request comman...

UBUNTU-CVE-2024-47753

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdecvp8reqif.c. Which leads to a kernel crash when fb is NULL...

SUSE CVE-2011-5057

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...

Naver Whale Browser 安全漏洞

Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability previously existed in Naver Whale Browser 3.12.129.18, which stemmed from a Web Request API that allowed denial of access to the Extension Store or redirection t...

CVE-2015-1847

Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. dot dot in a crafted URL...

Important: Red Hat Security Advisory: ruby193-rubygem-actionpack security update

Updated ruby193-rubygem-actionpack packages that fix multiple security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...