10 matches found
Weblate Security Vulnerability
Weblate is an open-source, copyleft, web-based free software system for continuous localization. Versions of Weblate prior to 5.17.1 contained a security vulnerability, which was exploited by screenshots, tasks, and component link APIs, allowing enumeration of translations in items that users...
CVE-2025-27395
Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) is affected. All versions prior to V4.0 expose SFTP file access with insufficient scope/privilege restrictions, enabling an authenticated, highly-privileged remote attacker to read and write arbitrary files. Root cause: inadequate restriction of file ...
Linux Distros Unpatched Vulnerability : CVE-2023-22496
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection c...
CVE-2022-23635 Unauthenticated control plane denial of service attack in Istio
Istio is an open platform to connect, manage, and secure microservices. In affected versions the Istio control plane, istiod, is vulnerable to a request processing error, allowing a malicious attacker to send a specially crafted message which results in the control plane crashing. This endpoin...
Default configuration
A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having...
How to Secure Your Mid-Size Organization From the Next Cyber Attack
If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target – the actual reality is that smal...
CVE-2014-3172
The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...
CVE-2014-3172
Removed by vendor...
Camtron CMNC-200 IP Camera Undocumented Default Accounts
Exploit for hardware platform in category web applications. Camtron CMNC-200 IP Camera Undocumented Default Accounts. The CMNC-200 IP Camera has undocumented default accounts on its Lin...
RealNetworks Helix Universal Server vulnerable to buffer overflow when sent two simultaneous HTTP requests containing a long string of characters
Overview: The RealNetworks Helix Universal Server supports delivery of several different media types over the Internet. Vulnerabilities have been discovered in the way it handles some requests from the network. These vulnerabilities could allow a remote attacker to execute arbitrary code on...