5472 matches found
The vulnerability of Tenda W18E router microprogramming software, related to the use of strictly encrypted account data, allows an intruder to gain unauthorized access to the control console with administrator privileges.
The vulnerability of Tenda W18E router microprogramming software is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the control console with administrator privileges...
PT-2025-8739 · Esri · Esri Arcgis Monitor
Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Monitor versions 2023.0 through 2024.x Description: The issue is a SQL injection problem that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted...
CLSA-2025-1740470330 linux-firmware: Fix of 2 CVEs
Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...
openSUSE Security Advisory (SUSE-SU-2024:0893-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 41 Update: openssh-9.9p1-3.fc41
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
CLSA-2025-1739965377 linux-firmware: Fix of 2 CVEs
Update AMD SEV CPU firmware to address CVE-2023-31356, CVE-2023-20584...
Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy
Fortinet has fixed vulnerabilities in several products, including FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiSandbox, FortiManager and FortiAnalyzer. The vulnerabilities include the ability for privileged attackers to execute arbitrary code or commands by sending specially crafted...
CVE-2024-47265
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...
[SECURITY] Fedora 40 Update: krb5-1.21.3-3.fc40
Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form...
Apple ordered to grant access to users’ encrypted data
Last week, an article in the Washington Post revealed the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. Since then, privacy focused groups have uttered their objections. The UK government has demanded to be able to access encrypted data store...
SystemBC RAT Now Targets Linux, Spreading Ransomware and Infostealers
SystemBC RAT now targets Linux, enabling ransomware gangs like Ryuk & Conti to spread, evade detection, and maintain encrypted C2 traffic for stealthy cyberattacks...
An issue exists in AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords.
...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle protected guests properly in complete_hypercall_exit(). Use is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g., SEV-ES and SEV-SN...
SolarWinds Web Help Desk Security Vulnerability
SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A security vulnerability exists in SolarWinds Web Help Desk versions pri...
AMD Server Processor Security Vulnerability
AMD Server Processor is a processor product for the server market from UltraMicro Semiconductor AMD that is primarily used in data centers, cloud computing, and high-performance computing. A security vulnerability exists in AMD Server Processor that stems from the improper handling of invalid...
AMD Server Processor Vulnerabilities – February 2025
AMD ID: AMD-SB-3009 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor ASP, AMD Secure Encrypted Virtualization SEV, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SN...
Improper Validation of Specified Quantity in Input
Overview io.netty:netty-handler is a library that provides an asynchronous event-driven network application framework and tools for rapid development of maintainable high performance and high scalability protocol servers and clients. In other words, Netty is a NIO client server framework which...
UK Secret Order Demands That Apple Give Access to Users’ Encrypted Data
Plus: Benjamin Netanyahu gives Donald Trump a golden pager, Hewlett Packard Enterprise blames Russian government hackers for a breach, and more...