CVE-2026-20195 Cisco Identity Services Engine Observable Response Discrepancy Vulnerability

A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could...

CVE-2022-49937 media: mceusb: Use new usb_control_msg_*() routines

In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usbcontrolmsg routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------ cut here ------------ usb 6-1: BOGUS control dir, pipe 80000380 doesn't match...

Cannot create hosting connection for AWS "Failed to connect the AWS EC2 endpoint URL"

On entering API key and Secret key with Role Based Authentrication for AWS get the following error: Transaction ID:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Action Name: HostingEditHypervisorConnection Exception: StudioErrorId : ConnectionValidationFailure Reason : ManagedMachineGeneralException Exception :...

Valve: Add any depot to your app and access its contents without decryption key; via /apps/setcommonredists

The summary is: A parameter-validation error on an endpoint used to configure redistributable depots allowed external depots to be added to an existing app without the required decryption key...

CVE-2018-2379

In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint...