CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

CVE-2026-2331 CVE-2026-2331

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...

OTRS 安全漏洞

OTRS is a service management solution from OTRS Germany. A security vulnerability exists in OTRS that stems from agent and customer passwords being displayed in plain text in the OTRS Management Log module. The affected versions are as follows: OTRS versions 7.0.X through 7.0.50, OTRS version...

sos bugfix update

An update is available for sos. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sos package contains a set of utilities that gather information from system...

Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk

Web hosting company Hostinger is warning that a breach of one of its servers potentially gave bad actors access to the hashed passwords and personal data of more than 14 million customers. Hostinger, a popular web, cloud and virtual private server hosting provider and domain registrar with 29...

Magento Password Reset Process Vulnerability (SUPEE-6788)

Magento is using an insufficient protection of the password reset process. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Hackers Backdooring Cisco WebVPN To Steal Customers’ Passwords

Virtual Private Networks VPNs, which is widely used by many businesses and organisations to provide secure access to their workers, are being abused to pilfer corporate user credentials. Researchers from security firm Volexity discovered a new attack campaign that targets a widely used VPN produc...

CVE-2014-4964

Multiple cross-site request forgery CSRF vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to hijack the authentication of users for requests that 1 modify customer settings or hijack the authentication of administrators for requests that change 2 customer passwords, 3 shop...

CVE-2014-4964

Multiple cross-site request forgery CSRF vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to hijack the authentication of users for requests that 1 modify customer settings or hijack the authentication of administrators for requests that change 2 customer passwords, 3 shop...