CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

EUVD-2026-5525

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 by default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in rsync [ CVE-2024-12087]

Summary IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in rsync, caused by a behavior enabled by the --inc-recursive option, a default-enabled option for many client options, that can be enabled by the server even if not explicitly enabled by the client...

CVE-2023-0344

Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server...

Setting vDisk Boot Menu as a Default Option

This article describes how to enable the first menu option as the default boot choice without prompting when vDisk boot menu appears. Background A Provisioning Services vDisk boot menu appears when the user is starting a provisioned Virtual Machine, but the user wants the Virtual Machine to start...

Medium: openssl

Issue Overview: Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem...

CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

CVE-2022-37011

A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions V1.17.0, Mendix SAML Mendix 8 compatible All versions V2.3.0, Mendix SAML Mendix 9 compatible, New Track All versions V3.3.1, Mendix SAML Mendix 9 compatible, Upgrade Track All versions V3.3.0. Affected versions o...

DEBIAN-CVE-2010-0427

sudo 1.6.x before 1.6.9p21, when the runasdefault option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command...