CVE-2026-8670

Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs aka Session Replay. This issue affects Avantra: before 25.3.1...

CVE-2026-8670 Insecure session handling on metrics web server

Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs aka Session Replay. This issue affects Avantra: before 25.3.1...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.1 contained security vulnerabilities; these vulnerabilities were due to insufficient session expiration time, which could lead to session reuse...

CVE-2026-34976 Dgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing Authorization

Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config admin.go, making it completely unauthenticated. Unlike the similar restore mutation which requires Guardian-of-Galaxy authentication,...

CVE-2025-66433

HTCondor Access Point (HTCondor) before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. The earliest affected version is 24.7.3. Fixes are available in 24.12.14, 25.0.3, and 25.3.1. Affected platforms and versions are corroborated by ...

PT-2025-48384

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3...

CVE-2025-66433

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3...

HTCondor Access Point 安全漏洞

HTCondor Access Point is a submission node in a high-throughput computing architecture from HTCondor. A security vulnerability exists in HTCondor Access Point versions prior to 25.3.1, which stems from the possibility that an authenticated user may impersonate another user by submitting a batch j...

CVE-2025-32797 Conda-build Insecure Build Script Permissions Enabling Arbitrary Code Execution

Conda-build contains commands and tools to build conda packages. Prior to version 25.3.1, the writebuildscripts function in conda-build creates the temporary build script condabuild.sh with overly permissive file permissions 0o766, allowing write access to all users. Attackers with filesystem...

PT-2025-25580

Name of the Vulnerable Software and Affected Versions conda-build versions prior to 25.3.1 Description The issue in conda-build allows attackers with filesystem access to exploit a race condition and overwrite a temporary build script, potentially leading to arbitrary code execution under the...

Adobe Photoshop 缓冲区错误漏洞

Adobe Photoshop is a suite of image processing software from the American company Audobee Adobe. The software is mainly used for processing images. A buffer error vulnerability exists in Adobe Photoshop versions 24.7.2, 25.3.1, which stems from susceptibility to an out-of-bounds read vulnerabilit...

GNU Emacs Information Disclosure Vulnerability

GNU Emacs is a Unix text editor written in C developed by the GNU Project, which supports syntax highlighting, multiple languages and feature extensions. A security vulnerability exists in GNU Emacs version 25.3.1, which stems from the program's failure to use a mask when creating swap files. An...

Design/Logic Flaw

GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file "ORIGINALFILENAME" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary...

CVE-2017-1000383

GNU Emacs version 25.3.1 and other versions most likely ignores umask when creating a backup save file "ORIGINALFILENAME" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary...