SUSE-SU-2026:2348-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: - Update to version 3.14 bsc1265991...

Cloud Security Report Finds Fragmented Tools Widening the Cloud Complexity Gap

Washington D.C., USA, 10th June 2026, CyberNewswire...

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk...

CVE-2025-59382

CVE-2025-59382 affects QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances). The connected documents state these products are not affected by the vulnerability, and that the vulnerability has been fixed in a following version. No exploit details, affected subcomponents, or specific versions are...

CVE-2026-45782

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....

PT-2026-48493

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.4 Splunk Enterprise versions prior to 10.0.7 Splunk Cloud Platform versions prior to 10.4.2604.3 Splunk Cloud Platform versions prior to 10.2.2510.14 Description An unauthenticated user can create or...

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

AWS Cloud Development Kit 操作系统命令注入漏洞

AWS Cloud Development Kit is an open-source software development framework developed by Amazon Web Services. It is used to define cloud infrastructure in code and configure it using AWS CloudFormation. Versions of the AWS Cloud Development Kit prior to 2.245.0 contained a vulnerability related to...

Splunk Cloud Platform和Splunk Enterprise 代码问题漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There are code vulnerabilities in...

PT-2026-48498

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could store a malicious script in a classic...

Cloud Files Security Review Tool

This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...

Cloud hypervisor 资源管理错误漏洞

Cloud Hypervisor is a virtual machine monitor developed by Cloud Hypervisor Company, designed for modern cloud workloads. Versions of Cloud Hypervisor from 21.0 to 51.2 contained a resource management vulnerability. This vulnerability stemmed from submitting two virtio-block descriptors with the...

Dahua IPC和Dahua SD 安全漏洞

Dahua IPC and Dahua SD are both products of Dahua Technology, a Chinese company. Dahua IPC is a series of industrial control computers developed by Dahua. Dahua SD is a series of cloud-based dome cameras. Both Dahua IPC and Dahua SD have security vulnerabilities. These vulnerabilities stem from...

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an input validation...

Dahua多款产品 安全漏洞

Dahua SD, among others, are products of China’s Dahua Corporation. Dahua SD is a series of cloud-based tabletop cameras. Dahua NVR is a series of network video recorders. Dahua XVR is a series of devices capable of recording and displaying high-definition and IP cameras. Several Dahua products ha...

Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There is an access control...

Migration Planner UI SQL注入漏洞

The Migration Planner UI is an open-source migration planning front-end tool developed by KubeV2V. The Migration Planner UI has a SQL injection vulnerability. This vulnerability arises when a remotely authenticated attacker uploads a specially crafted RVTools .xlsx file. Due to improper input...