40 matches found

CVE
added 6 days ago · 7 views

CVE-2026-53469

Migration-planner is affected. An authenticated user can issue a DELETE to /api/v1/sources that is not properly authorized/filtered, permitting destruction of all tenant data (sources, agents, assessments) and causing critical loss of availability and integrity across the SaaS platform. Affected ...

CVSS 9.1 · AI score 5.5 · EPSS 0.00037
Exploits 0 · References 3

Positive Technologies
added 2026/05/27 12:0 a.m. · 9 views

PT-2026-43595

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

CVSS 7 · AI score 6 · EPSS 0.00043
Exploits 0 · References 2

Redos
added 2026/05/26 12:0 a.m. · 12 views

ROS-20260526-73-0001

A vulnerability in the email interpreter module of the Python programming language is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

CVSS 5.5 · AI score 6.9 · EPSS 0.00238
Exploits 0

Positive Technologies
added 2026/04/23 12:0 a.m. · 2 views

PT-2026-34683

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N version v13 Description: The TDDPv2 debug protocol uses DES-CBC encryption with a cryptographic key derived from default web management credentials. This makes the key predictable when the device maintains its default...

CVSS 8.8 · AI score 5.8 · EPSS 0.00014
Exploits 0 · References 3

Redos
added 2026/04/03 12:0 a.m. · 3 views

ROS-20260403-73-0038

A vulnerability in the sound/soc/soc-core.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause a denial-of-service condition...

CVSS 5.5 · AI score 6.1 · EPSS 0.00024
Exploits 0

Ubuntu
added 2026/03/04 3:34 p.m. · 6 views

USN-8074-1: Linux kernel (Azure) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

CVSS 9.8 · AI score 7 · EPSS 0.00554
Exploits 10

Redos
added 2026/02/11 12:0 a.m. · 6 views

ROS-20260211-73-0005

A vulnerability in the net/sched/sch_prio.c component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information, violate its integrity, and cau...

CVSS 4.7 · AI score 6.8 · EPSS 0.00088
Exploits 0

Redos
added 2026/02/03 12:0 a.m. · 5 views

ROS-20260203-73-0026

A vulnerability in the arm64 components of the Linux operating system kernel is related to insufficient input data validation. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...

CVSS 5.5 · AI score 5.5 · EPSS 0.00081
Exploits 0

Redos
added 2026/01/19 12:0 a.m. · 5 views

ROS-20260119-7370

A vulnerability in the tegra_emc_find_node_by_ram_code function of the drivers/memory/tegra/tegra20-emc.c component of the Linux kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its...

CVSS 7.8 · AI score 7.6 · EPSS 0.00012
Exploits 0

RedhatCVE
added 2026/01/09 8:42 a.m. · 11 views

CVE-2022-31609

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure...

CVSS 7.8 · AI score 6.7 · EPSS 0.00043
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2021-6576

Malicious code in bioql PyPI...

CVSS 7.2 · AI score 6.7 · EPSS 0.00101
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-44080

Malicious code in bioql PyPI...

CVSS 6 · AI score 6.5 · EPSS 0.00182
Exploits 0 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-37618

Malicious code in bioql PyPI...

CVSS 4.4 · AI score 4.7 · EPSS 0.00293
Exploits 0 · References 1

Github Security Blog
added 2025/10/03 2:52 p.m. · 6 views

phpMyFAQ duplicate email registration allows multiple accounts with the same email

Summary: phpMyFAQ does not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause...

CVSS 9.8 · AI score 7.6 · EPSS 0.00061
Exploits 1 · References 4 · Affected Software 1

Vulnrichment
added 2025/09/06 5:29 p.m. · 3 views

CVE-2024-36331

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...

CVSS 3.2 · AI score 5.8 · EPSS 0.0003
Exploits 0 · References 2

RedhatCVE
added 2025/05/22 7:2 p.m. · 6 views

CVE-2021-1109

NVIDIA camera firmware contains a multistep, timing-related vulnerability where an unauthorized modification by camera resources may result in loss of data integrity or denial of service across several streams...

CVSS 7.2 · AI score 6.9 · EPSS 0.00101
Exploits 0 · References 1

BDU FSTEC
added 2025/04/09 12:0 a.m. · 1 views

The vulnerability of the `init_imlib_fonts()` function in the Imlib image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the init_imlib_fonts function in the Imlib image processing library is related to the failure of the operation outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause servic...

CVSS 10 · AI score 7.9 · EPSS 0.0007
Exploits 1 · References 10 · Affected Software 3

Positive Technologies
added 2024/08/13 12:0 a.m. · 3 views

PT-2024-12280 · Amd +8 · Sev Firmware +8

Name of the Vulnerable Software and Affected Versions: SEV firmware affected versions not specified Description: The issue is related to incomplete system memory cleanup in SEV firmware, which could allow a privileged attacker to corrupt guest private memory. This potentially results in a loss of...

CVSS 7.5 · AI score 6.2 · EPSS 0.001
Exploits 0 · References 45

F5 Networks
added 2024/02/17 12:27 a.m. · 98 views

K000138643: OpenSSH vulnerability CVE-2023-51767

Security Advisory Description: OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat...

CVSS 7 · AI score 7 · EPSS 0.00007
Exploits 0 · Affected Software 1

Vulnrichment
added 2024/01/09 10:20 p.m. · 3 views

CVE-2023-37297 heap memory overflow

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVSS 8.3 · AI score 8.9 · EPSS 0.00039
Exploits 0 · References 1