4240 matches found
WSO2 - Server Side Request Forgery
WSO2 products contain SSRF and reflected XSS vulnerabilities in the deprecated Try-It feature accessible only to administrative users, caused by improper URL validation and direct content reflection, letting attackers trick admins into executing arbitrary JavaScript and querying internal services...
[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.22-1.fc43
Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...
Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface CLI, compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range 2a0a:d683::/32 controlled by...
PYSEC-2026-458 Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer
Remote Code Execution via Unsafe Deserialization in Pipecat's LivekitFrameSerializer Summary A critical vulnerability exists in Pipecat's LivekitFrameSerializer – an optional, non-default, undocumented frame serializer class now deprecated intended for LiveKit integration. The class's deserialize...
UBUNTU-CVE-2026-53268
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrackirc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given...
CVE-2026-53268 netfilter: conntrack_irc: fix possible out-of-bounds read
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrackirc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given...
PT-2026-52363
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the netfilter conntrack irc helper. The issue occurs when parsing fails after a command string has been matched; the system attempts to match a different...
OESA-2026-2725 activemq security update
The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies...
PT-2026-52176
Name of the Vulnerable Software and Affected Versions Drupal Salesforce Suite versions 0.0.0 through 5.1.3 Description A Cross-Site Request Forgery CSRF issue exists where the software fails to properly validate the OAuth handshake during interactive authentication. This allows an attacker to...
GHSA-PR33-38XX-6R26 http4k: BasicCookieStorage` (renamed `InsecureCookieStorage`) did not enforce RFC 6265 cookie scoping; new `DefaultCookieStorage` is now the default
Impact The previous BasicCookieStorage did not enforce RFC 6265 scoping rules around cookie domain, path, and Secure attribute. A client using a single storage instance to talk to multiple origins could have cookies leak across domains, or have Secure cookies sent over plain HTTP — the deprecatio...
GHSA-M4W9-HJFW-VWJ4 http4k: `HmacSha256.hash` (despite the `Hmac` naming) computed a plain unkeyed digest; clarified by deprecation in favour of `Sha256.hash` / `Sha256.hmac`
Impact The HmacSha256 class contained two functions: - hashpayload — a plain unkeyed SHA-256 digest. The Hmac prefix in the class name was misleading; this function has no key parameter, so it could never have been an HMAC. - hmacSHA256key, data — a properly keyed HMAC-SHA256. A reader who didn't...
Check Point Gaia Operating System (sk185033)
The version of Gaia Operating System installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the sk185033 advisory. - A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange...
CVE-2026-48858
Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...
GHSA-293Q-567P-WMWQ Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
In Spring Security Web, SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...
PT-2026-48379
Name of the Vulnerable Software and Affected Versions yt-dlp versions prior to 2026.06.09 Description A flaw allows a remote attacker to write arbitrary OS-shortcut files, such as .desktop, .url, and .webloc, to the user's filesystem. This occurs because the file extension allowlist used to preve...
CVE-2026-50751
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...
CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...
CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...
CVE-2026-50752
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...
Check Point Quantum Security Gateway和Check Point Spark Firewalls 信任管理问题漏洞
Check Point Quantum Security Gateway and Check Point Spark Firewalls are both products of Check Point, a company based in Israel. Check Point Quantum Security Gateway is a series of enterprise-level security gateway devices. Check Point Spark Firewalls are a series of security firewall devices...