CVE-2026-5000

PromtEngineer localGPT has a missing authentication vulnerability in the API Endpoint’s LocalGPTHandler (backend/server.py). The issue is triggered by manipulation of the BaseHTTPRequestHandler, allowing remote access and potential unauthorized control. This affects versions prior to 4d41c7d1713b...

FiberHome AN5506-04-F和FiberHome HG6245D 安全漏洞

FiberHome AN5506-04-F and FiberHome HG6245D are both routers from FiberHome, a Chinese company. A security vulnerability exists in the FiberHome AN5506-04-F and FiberHome HG6245D that stems from a stack buffer overflow issue in the HTTP service, which could lead to a crash or perform flow control...

EUVD-2017-12914

Malware in sbrugna...

Fedora: Security Advisory (FEDORA-2025-935f8882e4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5833-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper access control

The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress contains a vulnerability that theoretically allows an unauthenticated attacker with network access to obtain an authenticated login URL for the affected system via a REST API. Affected releases are TIBCO Software Inc.'s TIBCO...

GHSA-PR3H-JJHJ-573X Sprockets path traversal leads to information leak

Specially crafted requests can be used to access files that exist on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. Workaround:...

Session fixation

A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixation Vulnerability. The vulnerability is due to the reuse of a preauthentication session token as pa...

CVE-2017-6774

A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP...

CVE-2017-6726

A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. More Information: CSCvd59341. Known Affected Releases: 4.21.0P1...

CVE-2017-6716

A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of an affected system. Affected Products: Cisco Firepower Management Center Software...

CVE-2017-3848

A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. More Information: CSCuw63001 CSCuw63003. Known Affected...

CVE-2016-9217

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. More Information: CSCus99394. Known Affected Releases: 7.30ZN0.99...

CVE-2016-9201

A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.33M3. Known Fixed...

CVE-2016-6471

A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. More Information: CSCvb19366. Known Affected Releases: 5.4.1.6...

CVE-2016-6470

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0...