14 matches found
CVE-2026-5515
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...
PT-2026-43277
Name of the Vulnerable Software and Affected Versions: IBM Db2 versions 11.5.0 through 11.5.9; IBM Db2 versions 12.1.0 through 12.1.4. Description: IBM Db2 for Linux, UNIX, and Windows, including DB2 Connect Server, stores potentially sensitive information in log files. This data could be accessed an...
CVE-2026-31562 drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register. The call to mipi_dsi_host_register triggers a callback to mtk_dsi_bind, which uses dev_get_drvdata to retrieve the mtk_dsi struct, so this structure needs to be...
CVE-2025-36051
IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user...
CVE-2025-36299
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code that could be used in further attacks against the system...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.15.2 Images security update
Red Hat OpenShift Virtualization release 4.15.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which...
Fedora 38 : cacti / cacti-spine (2023-6335ea9c0c)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6335ea9c0c advisory. Update cacti and cacti-spine to version 1.2.25. This includes the upstream fixes for many CVEs...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an information disclosure vulnerability that originates from the use of an iframe with an 'about:blank' source to store data in local memory, which can be exploited by an...
K59209532: NGINX Controller NATS vulnerability CVE-2020-5910
Security Advisory Description: The Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized. (CVE-2020-5910) Impact: A malicious user with access to the host where NGINX...
CVE-2023-0463
The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30, which allows a user to save sensitive data on disk...
Amazon sent 1,700 audio recordings of Alexa user to a stranger
By Waqas. An Amazon customer in Germany, under the European Union data protection law called GDPR (General Data Protection Regulation), requested the company to send all the data it stored on him, but little did he know he was about to get his hands on a trove of 1,700 audio recordings of a stranger...
CVE-2017-13100
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key...
CVE-2015-4298
Cisco Unified Web and E-Mail Interaction Manager 9.02 and 11.01 improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056...
World's most secure messaging service offers £10,000 if you crack it
Privacy-conscious phone users are being offered a new app that claims to be the world's first totally secure messaging service. A London-based iPhone messaging app claims to be unhackable and is offering a reward to anyone who can intercept a message sent by it. Redact believes that messages sent v...