Unity Linux 20.1070e Security Update: wildfly-core (UTSA-2026-016736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016736 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

K000160700: Log4J vulnerability CVE-2025-68161

Security Advisory Description The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https:// logging.apache . org/log4j/2.x/manual/appenders/network...

SUSE CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

GO-2026-4390 Beam Exposes sensitive information via joinCleanPath function in github.com/beam-cloud/beta9

Beam Exposes sensitive information via joinCleanPath function in github.com/beam-cloud/beta9...

GHSA-73JG-4QH6-3F4G Beam Exposes sensitive information via joinCleanPath function

Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2025-69820

CVE-2025-69820 concerns a Directory Traversal in Beam (beta9) involving the joinCleanPath function. Multiple sources (SUSE, Red Hat, OSV ecosystems, NVD/NVD-linked) describe exposure of sensitive information via crafted paths in Beam beta9 releases (notably versions around 0.1.521/0.1.552). The r...

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender

The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.htmlSslConfiguration-attr-verifyHostName configuration attribut...

Discourse < 2.8.9, 2.9.x - 2.9.0.beta9 DoS Vulnerability

Discourse is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"...

Discourse 2.9.0.beta5 - 2.9.0.beta9 DoS Vulnerability

Discourse is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"...

Discourse < 2.8.9, 2.9.x - 2.9.0.beta9 RCE Vulnerability

Discourse is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Discourse < 2.8.9, 2.9.x - 2.9.0.beta9 Privilege Escalation Vulnerability

Discourse is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse";...

Discourse 2.9.x < 2.9.0.beta9 Email Invitation Vulnerability

Discourse is prone to a vulnerability where email invitations to topics are not rate limited in some cases. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

KLA12391 RCE vulnerability in Apache Log4j

Remote code execution vulnerability was found in Apache Log4j. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Apache Log4j Security Vulnerabilities Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability...

Ubiquiti Inc.: Read-Only user can execute arbitraty shell commands on AirOS

This vulnerability is very similar to 128750, but it avoid the solution applied to the last beta XM firmware. In this report is used the last beta XM firmware: XM.v6.0-beta9 Vulnerability The vulnerability resides in the function fetchCookies file remote.inc:117. Just like last time is a non...

DesktopOnNet 3 Beta9 Local File Inclusion

DesktopOnNet 3 Beta9 Local File Include Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

DesktopOnNet 3 Beta9 Local File Include Vulnerability

DesktopOnNet 3 Beta9 Local File Include Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / / / 1 1 / / 0 0 ////// // // // // // 1 1 / Exploit database separated by exploit 0 0 // type local,...