1081 matches found
EUVD-2026-9330
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
CVE-2026-0869
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
CVE-2026-0869
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
CVE-2026-0869
CVE-2026-0869 describes an authentication bypass in Brocade ASCG 3.4.0, enabling an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration. The vulnerability could also disable the ASCG application or disable BSL data collection on fabric sw...
CVE-2026-0869 Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
EUVD-2026-9312
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
PT-2026-22838
Name of the Vulnerable Software and Affected Versions GLPI Inventory Plugin versions prior to 1.6.6 Description The GLPI Inventory Plugin manages network discovery, inventory, software deployment, and data collection for GLPI agents. A reflected cross-site scripting XSS issue exists in task jobs...
Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0 (CVE-2026-0869)
Application User accounts with Brocade ASCG application privileges created by the administrator are not properly being password enforced. Any other user that learns of the assigned user name can access the custom created application manager account and gain access to the Brocade ASCG application...
PT-2026-22802
Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...
Brocade ASCG 安全漏洞
Brocade ASCG is a network feature offered by the American company Brocade. It is primarily used to simplify SAN architectures and optimize resource utilization. Version 3.4.0 of Brocade ASCG contains a security vulnerability. This vulnerability stems from an authentication bypass mechanism, which...
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
Samsung has settled a lawsuit with the Texas Attorney General over how its smart TVs collect and monetize viewing data using Automated Content Recognition ACR. As part of the settlement, Samsung agreed to stop collecting ACR data from Texans without explicit, informed consent and to rewrite its...
The vulnerability of the Data Collection Agent service in the Cisco Catalyst SD-WAN Manager centralized network management system allows a malicious actor to gain unauthorized access to protected information and enhance their privileges.
The vulnerability of the Data Collection Agent service in the Cisco Catalyst SD-WAN Manager centralized network management system is related to the storage of passwords in a recoverable format. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...
CVE-2026-20128
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector. The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a...
EUVD-2026-8676
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This...
CVE-2026-20128
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This...
CVE-2026-20128
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...
CVE-2026-20128
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...
CVE-2026-20128
CVE-2026-20128 affects Cisco Catalyst SD-WAN Manager: Data Collection Agent stores the DCA password in a recoverable credential file on the filesystem, enabling an authenticated, local attacker with valid vManage credentials to read the file and gain DCA user privileges, potentially compromising ...
CVE-2026-20128 Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability
A vulnerability in the Data Collection Agent DCA feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An...