CVE-2026-11958

ANSSI DFIR-ORC (versions up to 10.2.7) is affected by local privilege escalation via DLLs loaded from a shared temporary directory. An attacker with prior system access can drop a malicious DLL in C:\Windows\Temp and wait for the DFIR-ORC process, which is extracted and executed from that locatio...

PT-2026-21025

Name of the Vulnerable Software and Affected Versions Shared Files versions through 1.7.19 Description A missing authorization flaw exists in Anssi Laitila Shared Files shared-files. The issue impacts the application's ability to properly restrict access to resources. Recommendations Update to a...

CVE-2024-46466

By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 ANSSI qualification submission can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of ZONECENTRAL has to be modified to prevent this...

scap-security-guide bug fix and enhancement update

An update is available for scap-security-guide. This update affects Rocky Linux 8, Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The scap-security-guide project provides a guide f...

CVE-2023-50439

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission, ZED! for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows...

Code injection

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows...

Design/Logic Flaw

By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL fo...

Design/Logic Flaw

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

CVE-2023-50440

The CVE-2023-50440 issue affects multiple PRIMX ZED ecosystem containers. Specifically, ZED! for Windows prior to Q.2020.3, ZED! for Windows prior to Q.2021.2, ZONECENTRAL for Windows prior to Q.2021.2 and prior to Q.2023.5, ZEDMAIL (Windows prior to 2023.5), and ZED! (Windows, Mac, Linux prior t...

CVE-2023-50439

The CVE-2023-50439 entry concerns PRIMX ZED! and ZONECENTRAL/ZEDMAIL on Windows. Affected versions disclose the original path in which containers were created, allowing an unauthenticated attacker to obtain contextual information (e.g., project name). Specifically, ZED! for Windows before Q.2020....

CVE-2023-50439

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission, ZED! for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows...

CVE-2023-50443

CVE-2023-50443 affects PRIMX CRYHOD for Windows (versions prior to Q.2020.4 and prior to 2023.5). Root cause: an unauthenticated attacker can modify encrypted disks to inject a UNC reference, causing the host to initiate outbound network traffic when such disks are opened. Impact is outbound traf...

CVE-2023-50444

CVE-2023-50444 affects PRIMX ZED! and related products where default containers include an encrypted version of sensitive user information. According to the sources, affected items include: ZED! for Windows before Q.2020.3; ZED! for Windows before Q.2021.2; ZONECENTRAL for Windows before Q.2021.2...

CVE-2023-50441

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

CVE-2023-50441

CVE-2023-50441 affects PRIMX ZONECENTRAL for Windows: encrypted folders created before Q.2021.2 or before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference, potentially triggering outbound network traffic when folders are opened. The entry indicates a low attack com...

CVE-2023-50444

By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL fo...

Mozilla Firefox Security Advisory (MFSA2013-117) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

scap-security-guide bug fix and enhancement update

The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol SCAP format and constitutes a catalog of practical hardening advice, linked to government...

Debian DLA-2690-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service, or information leaks. CVE-2020-24586, CVE-2020-24587, CVE-2020-26147 Mathy Vanhoef discovered that many Wi-Fi implementations, including...

BlueZ Advisory

Summary: Potential security vulnerabilities in BlueZ may allow information disclosure. BlueZ is releasing Linux kernel Bluetooth subsystem updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2021-0129 Description: Improper access control in BlueZ may allow an...