26 matches found
Open WebUI security vulnerability
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the model combination feature: the access control pipeline only verified users’ access...
CVE-2026-44221
ArcadeDB prior to version 2.6.4 (also referenced as 26.4.2 in some advisories) contains a cross-database authorization bypass. Two defects enable authenticated principals to bypass both record-level and database-level controls: (1) ServerSecurityUser.getDatabaseUser() returns a DB user with an un...
OpenClaw security vulnerability
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities were caused by insufficient routing access control in the Nostr plugin’s HTTP configuration file, which might allow...
ROS-20260129-73-0033
A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
EUVD-2017-7410
Malware in sbrugna...
EUVD-2013-4815
Malware in sbrugna...
ROS-20251002-03
A vulnerability in Microsoft's .NET software platform is related to the closing of the HTTP/3 stream while writing code for an application, resulting in a race condition in response. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive informatio...
ROS-20250912-15
A vulnerability in the Apache Tomcat application server is related to access differentiation flaws. Exploitation of the vulnerability could allow an attacker acting remotely to hijack a session and gain access to a user's account...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung Mobile in Samsung Mobile. The vulnerabilities in the Android kernel include a race condition between functions that manage CPU timers, which can lead to system instability. In addition,...
RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2017:2677)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2677 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstre...
DRUPAL-CONTRIB-2024-036
This module enables field collections to be displayed as tables. It supports display suite and field permissions and provides operations modify, delete, duplicate. This module has multiple vulnerabilities due to the requirements on the routes it provides not being restrictive enough. Information...
Ubuntu 22.04 LTS / 23.10 : Linux kernel (AWS) vulnerabilities (USN-6680-3)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6680-3 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...
SUSE-SU-2023:3892-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-1503005990 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex...
SUSE-SU-2023:3846-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024145 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcinde...
SUSE-SU-2023:3768-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-150100197126 fixes several issues. The following security issues were fixed: - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter tcindex bsc1210619. - CVE-2023-3776: Fixed improper refcount update in clsfw leads to...
SUSE-SU-2023:3629-1 Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122147 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could allow ...
SUSE-SU-2023:3612-1 Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024126 fixes several issues. The following security issues were fixed: - CVE-2023-32233: Fixed a use-after-free in Netfilter nftables when processing batch requests bsc1211187. - CVE-2023-3567: Fixed a use-after-free in vcsread in...
Researchers Reported Critical SQLi and Access Flaws in Zendesk Analytics Service
Cybersecurity researchers have disclosed details of now-patched flaws in Zendesk Explore that could have been exploited by an attacker to gain unauthorized access to information from customer accounts that have the feature turned on. "Before it was patched, the flaw would have allowed threat acto...
CVE-2021-38905
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697...
CVE-2020-25722
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise...