CVE-2026-4858

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an arbitrary API via system admin Mattermost auth token using via path traversal in integration action...

CVE-2026-45932

CVE-2026-45932 – Linux kernel (bpf: Fix tcx/netkit detach permissions when prog fd isn’t given) The issue allows BPF_PROG_DETACH on tcx or netkit devices to be executed by any user when no program FD is provided, bypassing permission checks. A fix was added to require CAP_NET_ADMIN or CAP_SYS_ADM...

CVE-2026-9627

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched...

PT-2026-43472

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched...

Astra Linux - уязвимость в linux, linux-5.10

A heap-based buffer overflow flaw was discovered in the way the legacyparseparam function in the Linux kernel’s Filesystem Context functionality verifies the length of the supplied parameters. A non-privileged user if non-privileged user namespaces are enabled, otherwise requiring CAPSYSADMIN...

CVE-2026-44298

The Kimai CVE-2026-44298 affects Kimai versions 2.32.0–2.55.x. It enables an admin user with upload_invoice_template permission to trigger pdfContext.setOption('associated_files', ...) during sandboxed Twig rendering, forwarding to mPDF2 SetAssociatedFiles() and allowing file_get_contents() on e...

CVE-2026-44298 Kimai: Arbitrary file read in invoice PDF renderer (admin)

Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin ROLESYSTEADMIN and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption'associatedfiles', ... inside the sandboxe...

CVE-2026-44298

Kimai is an open-source time tracking application. From version 2.32.0 to before version 2.56.0, users with the role System-Admin ROLESYSTEADMIN and the permission uploadinvoicetemplate can upload PDF invoice templates, which can call pdfContext.setOption'associatedfiles', ... inside the sandboxe...

PT-2026-38651

Name of the Vulnerable Software and Affected Versions Kimai versions 2.32.0 through 2.55.x Description Users with the System-Admin role ROLE SYSTE ADMIN and the upload invoice template permission can upload PDF invoice templates that execute pdfContext.setOption'associated files', ... within the...

CVE-2026-4488

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected is the function strcpy of the file /goform/setSysAdm. Such manipulation of the argument GroupName leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2025-40538

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

CVE-2025-40538

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

EUVD-2025-207546

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On...

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2026-2182 UTT 进取 521G setSysAdm doSystem command injection

A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to th...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50116: kernel: tty: ngsm: fix deadlock and link starvation in outgoing data path bsc1244824. CVE-2024-53177: smb: prevent use-after-free due to opencacheddir...

CVE-2023-4107

Mattermost fails to properly validate the requesting user permissions when updating a system admin, allowing a user manager to update a system admin's details such as email, first name and last name...

D-Link DCS-930L Command Injection Vulnerability

D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: Make sure that the caller has CAPSYSADMIN in the correct user namespaces. What we want to ensure is that cloneprivatemnt will not expose something hidden by a mount that we wouldn’t be able to undo. “ wouldn’t be...