Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems...

MLDAS: Machine Learning Dynamic Algorithm Selection for Software-Defined Networking Security

Network security is a critical concern in the digital landscape of today, with users demanding secure browsing experiences and protection of their personal data. This study explores the dynamic integration of Machine Learning ML algorithms with Software-Defined Networking SDN controllers to enhan...

Exploit for Code Injection in Mariadb

CVE-2024-27766 MariaDB v11.1 RCE via UDF — modified PoC based...

CVE-2026-34218 ClearanceKit: Managed and user-defined policy rules not enforced between opfilter start and first policy modification

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

CVE-2026-34218 ClearanceKit: Managed and user-defined policy rules not enforced between opfilter start and first policy modification

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

Siemens APE1808 Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2025-4229)

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. This plugin...

Statamic is missing authorization check on taxonomy term creation via fieldtype

Impact Low-privileged Control Panel users could create taxonomy terms by submitting requests to the field action processing endpoint with attacker-controlled field definitions. This bypasses the authorization checks enforced on the standard taxonomy term creation endpoint. Patches This has been...

CVE-2025-13687

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687 DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

CVE-2025-13687

CVE-2025-13687 affects IBM DataStage on Cloud Pak for Data 5.1.2–5.3.0. An authenticated user could execute arbitrary commands with normal user privileges due to improper validation of input in the user-defined function component (OS command injection). Affected version range: 5.1.2–5.3.0. IBM's ...

EUVD-2025-208260

IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component...

IBM DataStage on Cloud Pak for Data 操作系统命令注入漏洞

IBM DataStage on Cloud Pak for Data is an enterprise-level data integration solution provided by IBM Corporation. Versions 5.1.2 to 5.3.0 of IBM DataStage on Cloud Pak for Data contain an operating system command injection vulnerability. This vulnerability stems from improper input validation in...

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment (CVE-2025-13686, CVE-2025-13687, CVE-2025-13688)

Summary Runtime environment is used by DataStage on Cloud Pak for Data as part of upload file processing. Vulnerability Details CVEID:CVE-2025-13686 DESCRIPTION: DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands with normal user privileges on the syst...

SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods

The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...

Exploit for Path Traversal in Cisco Catalyst_Sd-Wan_Manager

🦅 BlueFalconInk — CISA ED 26-03 Compliance Tracker Built by...

Cisco Catalyst SD-WAN Vulnerabilities (cisco-sa-sdwan-authbp-qwCX8D4v)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by multiple vulnerabilities. - A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has...

CVE-2026-20126

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this...