SUSE-SU-2026:2236-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim bsc1264706. - CVE-2026-43961: Vimscript Code Injection in netrw NetrwMarkFile via crafted filename bsc1265349. -...

CVE-2026-28270

Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch fo...

CVE-2026-28271 Kiteworks Core is vulnerable to Server-Side Request Forgery (SSRF)

Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version...

CVE-2026-28271 Kiteworks Core is vulnerable to Server-Side Request Forgery (SSRF)

Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version...

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

CVE-2025-59049 Mockoon has a Path Traversal and LFI in the static file serving endpoint

Mockoon provides way to design and run mock APIs. Prior to version 9.2.0, a mock API configuration for static file serving follows the same approach presented in the documentation page, where the server filename is generated via templating features from user input is vulnerable to Path Traversal...

PT-2023-25047 · Brocade · Brocade Fabric Os

Name of the Vulnerable Software and Affected Versions: Brocade Fabric OS version 9.2.0 Brocade Fabric OS versions prior to 9.2.0 Description: The firmwaredownload command on Brocade Fabric OS could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a...

Brocade Fabric OS Security Vulnerabilities

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. A security vulnerability exists in Brocade Fabric OS versions prior to v9.2.0, which stems from the ability to overwrite system files using the less command...

GLPI 安全漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...