RHEL 9 : thunderbird (RHSA-2026:19468)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19468 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

EUVD-2021-14212

Malware in sbrugna...

EUVD-2025-5797

Malicious code in bioql PyPI...

EUVD-2021-8004

Malicious code in bioql PyPI...

EUVD-2023-52418

Malicious code in bioql PyPI...

MAL-2025-5652 Malicious code in ru.rustore.core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00da899e7e957138cf68d9b59fa02210d5b3cae226639924b65810cfa7c4ce78 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-34866

Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where...

CVE-2013-1064

apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1 setuid process or 2...

CVE-2013-1063

usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a 1...

CVE-2019-1424

A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

PT-2025-18058 · Unknown · Com-Server

Name of the Vulnerable Software and Affected Versions: Com-Server affected versions not specified Description: An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connecte...

MAL-2025-3135 Malicious code in @weave-mui/divider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05453cfad038ef79e51253af5463badc60bb432de7750f211aa5aa087144ddfd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-21930

CVE-2025-21930 affects the Linux kernel wireless subsystem (iwlwifi/mvm). The vulnerability arises when the driver talks to firmware that may be dead; before sending a command it now checks that the firmware is alive, preventing commands on an unresponsive firmware. Impact: local attacker could c...

CVE-2025-21930 wifi: iwlwifi: mvm: don't try to talk to a dead firmware

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0 WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwltranssendcmd+0xba/0xe0 iwlwifi Call Trace: ? warn+0xca/0x1c0 ?...

PVS Server SOAP service communication fails from remote PVS console

When setting up new Windows Server 2025 virtual machines on VMware to create two new PVS servers, the following issues occur: After installing PVS software and running configuration wizard successfully on the first PVS server, the PVS farm access using this PVS server was only possible using the...

CVE-2020-15087

In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured. This does not affect installations that have not configured secure internal communication,...

CVE-2024-22041

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

CVE-2024-3209

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function getne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this...

SVM can't communicate to NSIP with "Manage through internal network" option enabled

Upgrade from 12.1 to NS13.1 Build 33.49 on SDX Platform and enabled "Manage through internal network" SVM and NSIP did not communicate, Displayed as Down. Remove this option backs to normal...