13 matches found
CVE-2026-0205
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...
CVE-2026-0205
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...
EUVD-2026-26255
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...
CVE-2026-0205
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...
CVE-2026-0205
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services...
CVE-2026-0205
Technical details are not publicly available in the provided documents; no affected versions, vectors, or fixes are included. Monitor official advisories for updates.
PT-2026-35946
Name of the Vulnerable Software and Affected Versions: SonicOS (affected versions not specified). Description: A post-authentication Path Traversal issue allows an authenticated attacker to interact with services that are typically restricted. Path Traversal is a flaw that enables attackers to access...
CVE-2026-32591
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An...
CVE-2025-68437 Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL saveAsset mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the file input, specifically its url parameter,...
CVE-2025-66238 Sunbird DCIM dcTrack and Power IQ Authentication Bypass Using an Alternate Path or Channel
DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...
EUVD-2025-31571
Malicious code in bioql PyPI...
CVE-2023-26438
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists. Attackers could...
NETGEAR Router Vulnerability Allowed Access to Restricted Services
By Deeba Ahmed. According to Tenable research, NETGEAR had to release last-minute patches for their devices that were a part of the Pwn2Own event. This is a post from HackRead.com. Read the original post: NETGEAR Router Vulnerability Allowed Access to Restricted Services...