Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.115: CVE-2025-66614: client certificate verification bypass due to virtual host mapping bsc1258371. CVE-2026-24733: improper input validation on HTTP/0.9 requests bsc1258385. CVE-2026-24734: certificate revocation bypass due ...

CVE-2026-27595 Parse Dashboard has incomplete authentication on AI Agent endpoint

Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint POST /apps/:appId/agent has multiple security vulnerabilities that, when chained, allow unauthenticated remote attackers to perform arbitrary read...

CVE-2021-0392

In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730...

CVE-2026-22234 OPEXUS eCasePortal unauthenticated IDOR

OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'Attachments.aspx' endpoint, iterate through predictable values of 'formid', and download or delete all user-uploaded files, or upload new files...

EUVD-2017-18169

Malware in sbrugna...

EUVD-2018-21170

Malware in sbrugna...

EUVD-1999-1116

Malware in sbrugna...

EUVD-2020-28167

Malware in sbrugna...

EUVD-2017-7316

Malware in sbrugna...

EUVD-2022-15919

Malicious code in bioql PyPI...

EUVD-2025-26234

The authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL end-of-life. It's...

Linux Distros Unpatched Vulnerability : CVE-2025-50081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and...

Microsoft Visual Studio和Microsoft .NET 代码问题漏洞

Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...

CVE-2021-0330

In adduserce and removeuserce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2020-5969

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and versio...

CVE-2020-5971

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalatio...

CVE-2020-5973

NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10.3...

CVE-2020-5970

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10.3...

CVE-2020-5972

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10....

CVE-2020-5968

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial ...