CVE-2024-14026 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in th...

CVE-2025-26869

CVE-2025-26869 is a Stored Cross-Site Scripting (XSS) vulnerability in the Build WordPress plugin, affecting builds up to 1.0.3. The CVSS v3.1 base score is 6.5 (Medium) with Network attack vector, Low attack complexity, and user interaction required. The provided connected documents confirm the ...

SUSE CVE-2025-25199

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30430, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...

Information disclosure

Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent Windows before build 30025, Acronis Cyber Protect 15 Windows before build 30984...

CVE-2022-38113

This vulnerability discloses build and services versions in the server response header...

CVE-2022-38113 Information Disclosure Vulnerability

This vulnerability discloses build and services versions in the server response header...

PT-2022-24207 · Solarwinds · Solarwinds Sem +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: This issue discloses build and services versions in the server response header. There is no information provided about the estimated number of potential...

Memory corruption

An attacker could send a specially crafted message to Crimson 3.1 Build versions prior to 3119.001 that could leak arbitrary memory locations...

November 12, 2019—KB4524570 (OS Builds 18362.476 and 18363.476) - EXPIRED

November 12, 2019—KB4524570 OS Builds 18362.476 and 18363.476 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest securi...

CVE-2019-8197

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2017-8145

The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the...

NetScaler 10.1, 10.5, 11.0, 11.1 and 12.0 Builds Temporarily Offline

Citrix SD-WAN, formerly NetScaler SD-WAN UPDATE: New builds are now available. Please seehttps://support.citrix.com/article/CTX227928 for more information. Original article text: Due to an issue found in the builds, NetScaler 10.1, 10.5, 11.0, 11.1 and 12.0 builds are not available for download...

McAfee Application Control swin.sys Memory Corruption (SB10145)

The version of McAfee Application Control is 6.1.0 prior to build 706, 6.1.1 prior to build 404, 6.1.2 prior to build 449, 6.1.3 prior to build 441, or 6.2.0 prior to build 505. It is, therefore, affected by a kernel memory corruption issue in the swin.sys driver when handling a 786 syscall, whic...

[slackware-security] Apache httpd

New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-3352 In addition, new modssl packages for...