
44 matches found

RedhatCVE
added 3 days ago · 9 views

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

9.1 CVSS · 5.6 AI score · 0.00091 EPSS
Exploits: 1 · References: 5

RedhatCVE
added 2026/05/22 1:6 p.m. · 8 views

CVE-2026-43617

A flaw was found in rsync. When an rsync daemon is configured with "daemon chroot = /X" and uses hostname-based access control lists (ACLs), and the chrooted directory /X lacks necessary DNS resolution files, a remote attacker can bypass hostname-based deny rules. This occurs because the daemon...

6.3 CVSS · 5.8 AI score · 0.00014 EPSS
Exploits: 0 · References: 3

RedhatCVE
added 2026/04/21 11:46 a.m. · 2 views

CVE-2026-39946

A flaw was found in OpenBao. When OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, it failed to use proper database quoting on schema names. This oversight could lead to role revocation failures or, in rarer instances, allow a management user to perform SQL injectio...

4.9 CVSS · 5.8 AI score · 0.00032 EPSS
Exploits: 0 · References: 4

RedhatCVE
added 2026/04/10 7:12 a.m. · 3 views

CVE-2026-34500

A flaw was found in Apache Tomcat where OCSP-based certificate validation may incorrectly soft-fail during CLIENTCERT authentication, even when soft-fail is disabled, under certain FFM-related execution paths. This can result in client certificates being accepted despite failed or unverifiable...

6.5 CVSS · 5.7 AI score · 0.00149 EPSS
Exploits: 0 · References: 4

RedhatCVE
added 2026/04/10 7:7 a.m. · 2 views

CVE-2026-25854

A flaw was found in Apache Tomcat. This open redirect vulnerability allows an attacker to redirect a user to an untrusted site. This occurs through the LoadBalancerDrainingValve, which can be exploited to manipulate URL redirection. The primary impact is that users may be unknowingly directed to...

6.1 CVSS · 5.8 AI score · 0.00033 EPSS
Exploits: 0 · References: 4

RedhatCVE
added 2026/04/07 2:13 p.m. · 5 views

CVE-2026-35030

A flaw was found in LiteLLM, a proxy server for Large Language Model (LLM) APIs. When JSON Web Token (JWT) authentication is enabled, the OIDC user information cache uses a truncated portion of the token as a cache key. An unauthenticated attacker can exploit this by crafting a JWT with the same...

9.4 CVSS · 5.8 AI score · 0.00048 EPSS
Exploits: 1 · References: 4

RedhatCVE
added 2026/02/20 4:29 p.m. · 4 views

CVE-2026-21620

A flaw was found in Erlang OTP tftpfile modules. This vulnerability allows an attacker to exploit a weakness in how file paths are handled, known as Relative Path Traversal. By manipulating these paths, an attacker could gain unauthorized access to sensitive files on the system, potentially leadi...

4.2 CVSS · 5.8 AI score · 0.00039 EPSS
Exploits: 0 · References: 9

RedhatCVE
added 2026/02/10 7:6 p.m. · 3 views

CVE-2026-0966

The API function sshgethexa is vulnerable when 0-length input is provided to this function. This function is used internally in sshgetfingerprinthash and sshprinthexa (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used...

6.5 CVSS · 6.5 AI score · 0.00064 EPSS
Exploits: 0 · References: 4

Metasploit
added 2025/11/26 6:53 p.m. · 372 views

IGEL OS Privilege Escalation (via systemd service)

Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...

5.8 AI score
Exploits: 0

Oracle linux
added 2025/10/07 12:0 a.m. · 9 views

open-vm-tools security update

12.3.5-2.0.1.el8.1 - Fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. Orabug: 21819156 12.3.5-2.el8.1 -...

7.8 CVSS · 7.2 AI score · 0.00529 EPSS
Exploits: 3

Tenable Nessus
added 2025/08/25 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-12105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component,...

8.2 CVSS · 7.6 AI score · 0.01534 EPSS
Exploits: 0 · References: 2

CNNVD
added 2025/07/02 12:0 a.m. · 3 views

Nokia Single RAN Security Vulnerability

Nokia Single RAN is a wireless network technology from Nokia Finland. A security vulnerability exists in Nokia Single RAN 24R1-SR version prior to 1.0 MP, which originates from a stack overflow that could result in a restart of a service component...

4.2 CVSS · 6.8 AI score · 0.00091 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/08 12:0 a.m. · 3 views

PT-2025-2786 · Txone Networks · Txone Networks Portable Inspector +1

Name of the Vulnerable Software and Affected Versions: TXOne Networks Portable Inspector version 1.0.0 TXOne Networks Portable Inspector Pro Edition version 1.0.0 Description: The issue is related to improper input validation in the Management Program of TXOne Networks Portable Inspector and...

6.9 CVSS · 7.3 AI score · 0.00809 EPSS
Exploits: 0 · References: 6

OSV
added 2024/07/10 11:15 p.m. · 1 views

CVE-2024-6036

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the /queue/join? endpoint with "fnindex":66. This unrestricted server restart capability can severely disrupt service availability, cause data loss or...

9.1 CVSS · 7.4 AI score
Exploits: 0 · References: 1

GithubExploit
added 2024/07/02 11:5 a.m. · 1134 views

Exploit for Race Condition in Openbsd Openssh

OpenSSH CVE-2024-6387 A vulnerability CVE-2024-6387 has bee...

8.1 CVSS · 8.4 AI score · 0.62675 EPSS
Exploits: 68

NVD
added 2019/09/10 5:15 p.m. · 9 views

CVE-2019-12105

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The...

8.2 CVSS · 8.2 AI score · 0.01534 EPSS
Exploits: 0 · References: 3

OSV
added 2019/09/10 5:15 p.m. · 3 views

CVE-2019-12105

In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. The...

8.2 CVSS · 8 AI score
Exploits: 0 · References: 3

OSV
added 2019/06/27 4:15 p.m. · 2 views

CVE-2019-7226

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the...

8.8 CVSS · 5.8 AI score
Exploits: 0 · References: 4

Veeam
added 2018/07/03 12:54 p.m. · 14 views

Veeam Backup & Replication plug-in missing in vSphere HTML5 Web Client after upgrade to VMware vSphere 6.7

Challenge After installing Veeam 9.5 Update 3a and simultaneous upgrade of vSphere from 6.5 to 6.7 Veeam vSphere Web Client Plugin might stop working for vSphere HTML5 Web Client. However it is still operational in vSphere Flash/Flex Web Client. The issue is only reproducible in case the plugin w...

6.7 AI score
Exploits: 0

Citrix
added 2017/07/14 12:0 a.m. · 9 views

Virtual Apps and Desktops: Logon Duration in MonitorData.Session Table shows "Null"

Logon Duration in MonitorData.Session Table in Monitoring Database shows "Null" value for all sessions and hence Director does not report Average logon Duration for Sessions. Restarting the Monitoring Service on Delivery Controllers does not fix the issue. We used the below scripts to ensure that O...

6.8 AI score
Exploits: 0