Kwetsbaarheid verholpen in Cisco Secure Workload

Cisco has identified a vulnerability in Cisco Secure Workload. This vulnerability resides within the internal REST APIs of Cisco Secure Workload. Unauthorized malicious actors with access to the internal infrastructure can obtain Site Admin privileges through inadequate validation and...

Astra Linux - уязвимость в webkit2gtk

This issue was resolved by removing the origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4; iOS 15.7.4 and iPadOS 15.7.4; tvOS 16.4; and watchOS 9.4. A website may be able to track sensitive user information...

Vulnerabilities found in F5 BIG-IP and BIG-IQ products

F5 has identified several vulnerabilities in the BIG-IP and BIG-IQ products, including components such as iControl REST, iControl SOAP, TMOS Shell, Traffic Management Microkernel TMM, Configuration Utility, Advanced WAF, ASM, PEM, DNS, Access Policy Manager APM, and SSL Orchestrator. The...

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service DoS condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator NSO, additional information has been made available to the Cisco Product Security Incident Response Team PSIRT. Upon...

Vulnerability fixed in Cisco Smart Software Manager On-Prem

Cisco has fixed a vulnerability in Cisco Smart Software Manager On-Prem. A malicious party could exploit this vulnerability by inadvertently making an internal service component in Cisco Smart Software Manager On-Prem SSM On-Prem externally accessible. This allows a remote attacker to execute...

Vulnerabilities fixed in Cisco Integrated Management Controller

Cisco has fixed several vulnerabilities in Cisco Integrated Management Controller IMC. The vulnerabilities are in Cisco IMC's Web-based management interface. An unauthorized remote attacker can bypass authentication through password change functionality by sending specially formatted HTTP request...

Vulnerabilities fixed in Cisco IOS XE Software

Cisco has fixed vulnerabilities in Cisco IOS XE Software, specifically for several products such as Catalyst 9000 Series Switches, Catalyst CW9800 Family, and Cisco Meraki. The vulnerabilities include several issues, such as a memory leak in the IKEv2 implementation, vulnerabilities in the DHCP...

Vulnerability fixed in Oracle Identity Manager and Oracle Web Services Manager

Oracle has fixed a vulnerability in two components of Fusion Middleware, Oracle Identity Manager and Oracle Web Services Manager. The vulnerability comes from insufficient access controls within Oracle Identity Manager and Oracle Web Services Manager, allowing unauthenticated remote attackers to...

Vulnerabilities fixed in Adobe Commerce

Adobe has fixed vulnerabilities in Adobe Commerce up to version 2.4.9-alpha3. The vulnerabilities include improper input validation that can cause a denial-of-service without user interaction, and multiple improper authorization issues that allow attackers to bypass security mechanisms and gain...

Vulnerabilities fixed in Fortinet FortiManager and FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer and FortiManager including cloud variants. The vulnerability with reference CVE-2025-54820 is in FortiManager. This vulnerability allows a remote unauthenticated malicious person to execute unauthorized commands via a stack-based buffer overflow...

Vulnerabilities fixed in Cisco Secure Firewall systems

Cisco has fixed several vulnerabilities in Cisco Secure Firewall including ASA and FTD software. The vulnerabilities include SQL injection, privilege escalation, denial-of-service, cross-site scripting, and improper management of entries in various Cisco Secure Firewall components. Authenticated...

Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface and REST API of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. For more information about these vulnerabilities, see the Detai...

Cisco Catalyst SD-WAN Vulnerabilities

Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite arbitrary files. For more information about these vulnerabilities, see the...

Vulnerabilities fixed in SolarWinds Serv-U

SolarWinds has fixed vulnerabilities in Serv-U. The vulnerabilities are in how Serv-U controls access and processes data types. Attackers with administrative privileges can exploit these vulnerabilities to gain unauthorized system access and execute arbitrary code with elevated privileges. This c...

VulnCheck KEV: CVE-2022-20775

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting (XSS) when using an outdated version on mobile devices. The issue is being addressed with updates from HP. According to the provided CVE entry, the vulnerability is associated with an initial update path and a MEDIUM severity (C...

CVE-2026-1578

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...

PT-2026-7994

HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...