CVE-2025-57711

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

CVE-2025-47208

An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same...

CVE-2025-53413

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

When Face Recognition Doesn’t Know Your Face Is a Face

An estimated 100 million people live with facial differences. As face recognition tech becomes widespread, some say they’re getting blocked from accessing essential systems and services...

CVE-2025-30261 Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...

Empower Users and Protect Against GenAI Data Loss

When generative AI tools became widely available in late 2022, it wasn't just technologists who paid attention. Employees across all industries immediately recognized the potential of generative AI to boost productivity, streamline communication and accelerate work. Like so many waves of...

CVE-2025-3768

Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...

kernel: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver

A reference leak flaw was found in the Linux kernel's AMD P-state unit test driver in the CPU policy access logic. A local user can trigger this issue by loading the amd-pstate-ut driver, which acquires CPU policy references via cpufreqcpuget without releasing them via cpufreqcpuput. This causes...

CVE-2022-24829

Garden is an automation platform for Kubernetes development and testing. In versions prior to 0.12.39 multiple endpoints did not require authentication. In some operating modes this allows for an attacker to gain access to the application erroneously. The configuration is leaked through the /api...

Design/Logic Flaw

The Grav admin plugin prior to version 1.10.11 does not correctly verify caller's privileges. As a consequence, users with the permission admin.login can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitiv...

PT-2020-14175 · Presto · Presto

Name of the Vulnerable Software and Affected Versions: Presto versions prior to 337 Description: Authenticated users can bypass authorization checks by directly accessing internal APIs. This issue impacts Presto server installations with secure internal communication configured. It does not affec...

Denial Of Service (DoS)

ActiveMQ AMQP is vulnerable to denial of service attacks. These attacks can be conducted by opening TCP connections to a SSL port and just keeping it open. This blocks other users from accessing it...

Microsoft Exchange Server CVE-2016-0028 Information Disclosure Vulnerability

Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 are vulnerable. Technologies...