550 matches found
SUSE CVE-2025-1296
Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...
CVE-2026-3569
The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs REST API endpoint. The permissionsread permission callback unconditionally returns true via returntrue instead of checking for...
CVE-2026-20209
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...
CVE-2026-28758
When BIG-IP DNS is provisioned, a vulnerability exists in the gtmadd and bigipadd iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is also logged in the audit log. This may allow a highly privileged, authenticated attacker with access to...
Linux Distros Unpatched Vulnerability : CVE-2026-46057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is...
EUVD-2026-33584
The Event Log detail endpoint GET /api/v2/eventLogs/eventlogid in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the collection endpoint GET /api/v2/eventLogs applied per-Dag scoping. An authenticated UI/API user with audit-lo...
Apache Airflow security vulnerabilities
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of checks...
OpenBao's Inline Auth Incorrectly Redacted Headers
Impact OpenBao's inline auth functionality incorrectly redacted audit log entries, resulting in non-auth headers being removed and auth-related headers being retained in cleartext. This requires an attacker to compromise access to the audit device. Operators should review leaked source...
GHSA-Q8CJ-789H-VG24 OpenBao's Inline Auth Incorrectly Redacted Headers
Impact OpenBao's inline auth functionality incorrectly redacted audit log entries, resulting in non-auth headers being removed and auth-related headers being retained in cleartext. This requires an attacker to compromise access to the audit device. Operators should review leaked source...
MAL-2026-4487 Malicious code in audit-logsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f1d266fef23fc79d6af52affefa68c2220baad023d09a7acc4d439a23dfdb69 The package's postinstall script executes shell reconnaissance id || ver && whoami && hostname, fetches the installer's public IP from api.ipify.org,...
CVE-2026-43634
HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address in the CF-Connecting-IP HTTP header without verifying the request originated from Cloudflare's...
EUVD-2026-30935
HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an arbitrary IP address in the CF-Connecting-IP HTTP header without verifying the request originated from Cloudflare's...
CVE-2026-20209
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...
CVE-2026-20209
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...
CVE-2026-20209
Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) web UI vulnerability allows an authenticated, read-only user to elevate to a high-privilege role and take actions as a high-privileged user. Root cause: sensitive session information is logged in audit logs. Impact: privilege escalation with...
CVE-2026-20209 Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 安全漏洞
Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. There is a security vulnerability present in Cisco Catalyst SD-WAN...
PT-2026-40960
Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...
CVE-2026-28758
When BIG-IP DNS is provisioned, a vulnerability exists in the gtmadd and bigipadd iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is also logged in the audit log. This may allow a highly privileged, authenticated attacker with access to...
K000157981: BIG-IP DNS tmsh vulnerability CVE-2026-42408
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. CVE-2026-42408 Impact An authenticated attacker with Resource Administrator role...