15 matches found
CVE-2026-9129 Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path such as an encode...
Arbitrary Command Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Command Injection via the spawn function. An attacker can execute arbitrary shell commands on the server and access sensitive environment variables, including API keys, authentication secrets, and database credentials, by...
EUVD-2026-13974
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, creating dual-use of authentication secrets across security domains. Attackers with access to...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal via the downloadprofilepicture function in the /profilepictures/foldername/filename endpoint, where the foldername and filename parameters are not properly filtered. An attacker can access sensitive files outside the...
SUSE CVE-2026-32634
Glances is an open-source, cross-platform system monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...
Linux Distros Unpatched Vulnerability : CVE-2026-32634
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Glances is an open-source, cross-platform system monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised...
EUVD-2013-4346
Malware in sbrugna...
CVE-2022-49807 nvmet: fix a memory leak in nvmet_auth_set_key
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a memory leak in nvmet_auth_set_key. When changing dhchap secrets we need to release the old secrets as well. kmemleak complaint: -- unreferenced object 0xffff8c7f44ed8180 size 64: comm "check", pid 7304, jiffies 429568613...
CVE-2025-2092
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...
CVE-2025-2092
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...
UBUNTU-CVE-2025-2092
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...
DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More
DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. What is Docker? Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization technology...
Information Disclosure
luci is vulnerable to information disclosure attacks. The vulnerability exists because a race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information...
luci security update
CentOS Errata and Security Advisory CESA-2013:1603 Updated luci packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...
luci: short exposure of authentication secrets while generating configuration file
A flaw was found in the way luci generated its configuration file. The file was created as world readable for a short period of time, allowing a local user to gain access to the authentication secrets stored in the configuration file...