58 matches found
MINI-M8MW-3WP4-V32X
Bulletin has no description...
Gibbon 安全漏洞
Gibbon is a school platform developed by the Gibbon team that addresses practical problems encountered by educators every day. Versions of Gibbon prior to v30.0.01 contained security vulnerabilities. These vulnerabilities were caused by path traversal attacks. When attempting to extract PHP files...
CVE-2026-44916
In OpenStack Ironic before 35.0.2 in a certain non-default configuration, instanceinfo'kstemplate' is rendered without sandboxing...
Astra Linux - уязвимость в tar
In the sparse.c file of GNU Tar, before version 1.32, there was a NULL pointer dereferencing issue when parsing certain archives that contained malformed extended headers...
CVE-2026-40097 Step CA affected by an index out of bounds panic in TPM attestation EKU validation
Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...
EUVD-2026-17538
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30278
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
PT-2026-29299
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-33541
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...
EUVD-2026-10067
TSPortal: Any user can forge self-deletion requests for any account...
CVE-2026-33541
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...
CVE-2026-33541 TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...
CVE-2026-33541 TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 34, a flaw in TSPortal allowed attackers to create arbitrary user records in the database by abusing validation logic. Whil...
CVE-2026-29788
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been...
CVE-2026-29788
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been...
CVE-2026-29788
The CVE affects TSPortal (WikiTide Foundation) prior to version 30, where converting empty strings to null allowed disguising DPA reports as self-deletion reports. Root cause is the faulty normalization of empty fields in the report handling flow. Impact described includes confidentiality/availab...
CVE-2026-29788 TSPortal: Anyone can forge self-deletion requests of any user
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been...
CVE-2026-29788 TSPortal: Anyone can forge self-deletion requests of any user
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been...
CVE-2026-29788
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and Safety team to manage reports, investigations, appeals, and transparency work. Prior to version 30, conversion of empty strings to null allows disguising DPA reports as genuine self-deletion reports. This issue has been...
Traefik 资源管理错误漏洞
Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.38 and 3.6.9 contained a resource management vulnerability. This vulnerability stemmed from defects in the TCP router’s handling of TLS handshakes. It could allow unverified remote...