13 matches found
Ubuntu: Security Advisory (USN-8148-4)
The remote host is missing an update for the...
CVE-2026-33470
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from other cameras. This is possible through a chain of two authorization problems: /api/timeline return...
Music Assistant Code Issue Vulnerability
Music Assistant is an open-source media library manager developed by Music Assistant. Versions of Music Assistant 2.6.3 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the music/playlists/update API, which allowed bypassing the .m3u extension restriction and allowin...
M-Files Server security vulnerabilities
The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.1.15632.3 had security vulnerabilities. These vulnerabilities stemmed from vulnerable API endpoints, which could allow authenticated attackers to cause the server process t...
MiracleLinux 8 : mariadb-connector-c-3.1.11-2.el8 (AXSA:2021-1464:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1464:01 advisory. - mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752) - mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922)...
USN-7922-3 linux-oracle-5.4 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers...
PT-2025-39231
Yes, Zoho has faced several security issues: - 2021: ManageEngine ADSelfService Plus vulnerability CVE-2021-40539 exploited by APT27, affecting 9+ organizations and 11,000+ servers with Godzilla Webshell malware. Patched by Zoho. - 2022: Critical RCE flaw in ManageEngine led to BankingLab breach,...
CVE-2020-27013
Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to, allowing the attacker to gather and modify sensitive product and user data. An attacker must...
Testing the security of CCTV systems
TL;DR - CCTV is often overlooked; ‘shadow tech’ whose security isn’t as carefully reviewed as core IT assets - It is often a responsibility for facilities managers who may have little experience of cyber security - Security of the hardware and software of some CCTV camera brands is sorely lacking - A...
Cisco DNA Center Security Vulnerability
Cisco DNA Center is a network management and command center service from Cisco USA. An information disclosure vulnerability exists in Cisco DNA Center. The vulnerability stems from improper authorization of API requests and can be exploited by an authenticated, remote attacker to read information...
Smart male chastity lock cock-up
TL;DR - Smart Bluetooth male chastity lock, designed for user to give remote control to a trusted 3rd party using mobile app/API - Multiple API flaws meant anyone could remotely lock all devices and prevent users from releasing themselves - Removal then requires an angle grinder or similar, used in clo...
CVE-2020-3252
Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For more information about these vulnerabilities, see the Details section o...
Adobe Reader < 10.1.14 / 11.0.11 Multiple Vulnerabilities (APSB15-10)
The version of Adobe Reader installed on the remote host is a version prior to 10.1.14 / 11.0.11. It is, therefore, affected by the following vulnerabilities: - A buffer overflow condition exists in CoolType.dll due to improper validation of user-supplied input. A remote attacker can exploit thi...