MINI-QCMF-5Q35-F56W

Bulletin has no description...

CVE-2026-7510 OWAP DefectDojo Benchmark/Engagement/Product/Survey authorization

A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been...

MINI-QFP5-7FVP-56Q3

Bulletin has no description...

CVE-2025-68152

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...

PT-2026-30120

Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called ‘charms’. From versions 2.9 to before 2.9.56 and 3.6 to before 3.6.19, it is possible that a compromised workload machine under a Juju...

CVE-2019-25463

SpotIE Internet Explorer Password Recovery 2.9.5 contains a denial of service vulnerability in the registration key input field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 256-character payload into the Key field during...

CVE-2026-30827

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking /56 by default to all addresses that net.isIPv6 returns true for. Th...

CVE-2021-2043

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

EUVD-2025-74590

Malicious code in handsomemandrillivory-56 npm...

Absolute Secure Access 安全漏洞

Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.56 that stems from a privilege bypass that could lead to improper reading ...

CVE-2025-5072

Resource leak vulnerability in ASR180x、ASR190x in conmgr allows Resource Leak Exposure.This issue affects FalconLinux、Kestrel、LapwingLinux: before v1536...

Patch Tuesday - February 2025

Microsoft is addressing 56 vulnerabilities this February 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for two of the vulnerabilities published today, which is reflected in CISA KEV. Microsoft is aware of public disclosure for two other vulnerabilities. This is now the...

AZL-51243 CVE-2024-47719 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...

AZL-51005 CVE-2024-47671 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmcwrite, we need to clear the structure before filling fields...

KS-Soft HostMonitor 代码问题漏洞

KS-Soft HostMonitor is a system management tool from KS-Soft. that continuously monitors server availability and performance. A code issue vulnerability exists in KS-Soft HostMonitor version 12.56 and prior versions, which stems from a search path containing special characters...

SUSE CVE-2017-7815

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...

SUSE CVE-2017-7822

The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox 56...

CVE-2022-2056

creationtimestamp| type| source ---|---|--- 2022-06-30 20:38:56+00:00| seen| https://t.me/cibsecurity/45428...

Oracle PeopleSoft 组件授权问题漏洞

Oracle PeopleSoft Enterprise PeopleTools is a component of Oracle's tools and technology platform that supports the transformation of the way organizations manage, use, and maintain their PeopleSoft software. An authorization issue vulnerability exists in the Elastic Search component of Oracle...

CVE-2020-14802

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...