SeaCMS Security Vulnerability
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from mishandling of the adminmanager.php component, which could lead to SQL...
[SECURITY] Fedora 42 Update: chromium-136.0.7103.59-1.fc42
Chromium is an open-source web browser, powered by WebKit (Blink)...
Security-By-Design at the Telco Edge with OSS: Challenges and Lessons Learned
This paper presents our experience, in the context of an industrial R&D project, on securing GENIO, a platform for edge computing on Passive Optical Network (PON) infrastructures, and based on Open-Source Software (OSS). We identify threats and related mitigations through hardening, vulnerability...
[SECURITY] Fedora 41 Update: chromium-135.0.7049.114-1.fc41
Chromium is an open-source web browser, powered by WebKit (Blink)...
CryptoLib Security Vulnerability
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2, which stems from a failure to check the return state of the OTAR cryptographic...
[SECURITY] Fedora 42 Update: chromium-135.0.7049.114-1.fc42
Chromium is an open-source web browser, powered by WebKit (Blink)...
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in...
[SECURITY] Fedora 40 Update: chromium-135.0.7049.95-1.fc40
Chromium is an open-source web browser, powered by WebKit (Blink)...
[SECURITY] Fedora 40 Update: moodle-4.3.12-1.fc40
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10692)
PCMan FTP Server is an open source FTP server software package from PCMan. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from mishandling of specific requests. No further details of the vulnerability are provided at this time...
PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10863)
PCMan FTP Server is an open source lightweight FTP server software developed by PCMan. A buffer overflow vulnerability exists in PCMan FTP Server. The vulnerability stems from the STATUS Command Handler not performing proper boundary checks on input data, and no details of the vulnerability are...
[SECURITY] Fedora 42 Update: chromium-135.0.7049.84-1.fc42
Chromium is an open-source web browser, powered by WebKit (Blink)...
Security Bulletin: IBM Controller is affected by vulnerabilities
Summary: There are vulnerabilities in Open-Source Software (OSS) components used by IBM Controller. Additionally, IBM Controller is vulnerable to cross site scripting (XSS) and server-side request forgery (SSRF) vulnerabilities. Please refer to the table in the Related Information section for...
Security Bulletin: IBM Cognos Controller is affected by vulnerabilities
Summary: There are vulnerabilities in IBM® Java™, IBM® Websphere Application Server Liberty and Open-Source Software (OSS) components used by IBM Cognos Controller. Please refer to the table in the Related Information section for vulnerability impact. This Security Bulletin relates only to the direc...
Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities
Summary: There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, two Malicious File Upload vulnerabilities have been addressed. Please...
Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities
Summary: There are vulnerabilities in IBM® Java™ Version 8 used by IBM Cognos Dashboards on Cloud Pak. IBM Cognos Dashboards on Cloud Pak has addressed these vulnerabilities by upgrading IBM® Java™. There are vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Dashboards ...
[SECURITY] Fedora 42 Update: chromium-135.0.7049.52-2.fc42
Chromium is an open-source web browser, powered by WebKit (Blink)...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CVE-2025-31124
Zitadel is open-source identity infrastructure software. ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. If enabled, ZITADEL will show the password prompt even if the user doesn't exist and report...
CVE-2025-31124
CVE-2025-31124 (Zitadel) describes a user enumeration flaw in the login flow caused by normalization of the username when the “Ignoring unknown usernames” setting is enabled. Although the UI prompts for a password and returns “Username or Password invalid” for non-existent users, the normalizatio...