8819 matches found
AIX : Multiple Vulnerabilities (IJ58122)
The version of AIX installed on the remote host is prior to APAR IJ58122. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58122 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...
PT-2026-45917
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files. This is caused by insufficient validation of...
MBS多款产品 安全漏洞
MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities; these vulnerabilities stem from the ugw-delete-file method, which insufficiently validates user-controlled inputs, potentially...
PT-2026-45922
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes. This is caused by insufficient validation of user-supplied...
USN-8373-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
CVE-2019-25719
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper with data and cause denial-of-service conditions. Attacke...
EUVD-2026-33932
Path traversal in restore handler in Collibra Agent, allows an attacker to write arbitrary files via a crafted ZIP archive. Collibra Agent fails to properly validate and canonicalize file path during ZIP extraction, this can allow an attacker to write files outside the intended extraction directo...
CVE-2026-7195
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...
web-vulnerability-scanner_project
web-vulnerability-scannerprojec...
May Linux Patch Wednesday
May Linux Patch Wednesday. A total of 1,638 vulnerabilities 474 in the Linux kernel. For comparison, in April there were 1,035 vulnerabilities a record!. And this time it turns out to be a record again, more than one and a half times higher! The acceleration is both impressive and alarming. But w...
network-vulnerability-assessment-lab
Network Attack and Defence Technology Lab Project Overview...
Updated assimp packages fix security vulnerabilities
CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...
WordPress plugin EventPrime 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Word Replacer 输入验证错误漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Progress Sitefinity 安全漏洞
Progress Sitefinity is an open-source platform developed by the American company Progress, used for building corporate websites and internal networks. Versions of Progress Sitefinity from 8.0.5700 to 13.3.7652 have security vulnerabilities. These vulnerabilities stem from insufficient credential...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by improper implementations in the Extensions component. This vulnerability could allow attackers to persuade users to install...
Dräger Atlan A350 安全漏洞
The Dräger Atlan A350 is a high-end anesthesia workstation developed by the German company Dräger. There were security vulnerabilities in the Dräger Atlan A350 between versions 1.00 and 1.01. These vulnerabilities stemmed from improper input processing, which could allow attackers to send special...
RockyLinux 10 : openssh (RLSA-2026:19069)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19069 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...
CVE-2026-0078
In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-22424
CVE-2025-22424 is described across multiple sources as an Android vulnerability arising from improper input validation that can cause images to be revealed across users, enabling local privilege escalation with no extra execution privileges. The NVD entry assigns a CVSS v3.1 base score of 7.8 (Hi...