CVE-2026-42096

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...

CVE-2025-14111

CVE-2025-14111 affects Rarlab RAR App for Android up to version 7.11 Build 127, specifically the com.rarlab.rar component. The issue is a path traversal vulnerability that could enable a remote attack; exploitability is described as complex/hard, but publicly disclosed. The vulnerability is mitig...

thunderbird security update

128.14.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.14.0 - Add OpenELA debranding 128.14.0-3 - Update to 128.14.0 build2 128.14.0-2 - Add missing translations 128.14.0-1 - Update to 128.14.0 build1...

firefox security update

128.14.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.14.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 128.14.0-2 - Add missing translations 128.14.0-1 - Update to 128.14.0 build1...

Pulse Secure Desktop Client for Windows Arbitrary File Write Vulnerability

Pulse Secure Desktop Client for Windows is a suite of Windows-based client software from Pulse Secure, Inc. for end devices that access Juniper Pulse Secure gateways. A security vulnerability exists in Pulse Secure Desktop Client versions 5.3 through R6.0 build 1769 for Windows-based platforms. T...