132 matches found
SUSE CVE-2026-43334
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req currently builds the pairing response from the initiator auth_req before enforcing the local BT_SECURITY_HIGH requirement. If th...
EUVD-2026-28618
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req currently builds the pairing response from the initiator auth_req before enforcing the local BT_SECURITY_HIGH requirement. If th...
UBUNTU-CVE-2026-43334
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req currently builds the pairing response from the initiator auth_req before enforcing the local BT_SECURITY_HIGH requirement. If th...
CVE-2026-43334
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req currently builds the pairing response from the initiator auth_req before enforcing the local BT_SECURITY_HIGH requirement. If th...
PT-2026-38985
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: An issue exists in the Bluetooth Security Manager Protocol (SMP) where the smp_cmd_pairing_req function builds a pairing response based on the initiator's authentication requirements befor...
EUVD-2026-23603
The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall family. Prior to version 0.4.7, this can lead to DoS and...
Chrome Zero-Day Vulnerability: Are You Protected?
With billions of users, Google Chrome is more than just a browser; it’s a fundamental part of your organization's attack surface. It’s installed on nearly every endpoint, from the C-suite to the intern pool. This ubiquity is precisely what makes a Chrome zero-day vulnerability so uniquely...
MiracleLinux 9 : libreoffice-7.1.8.1-14.el9_4.ML.1 (AXSA:2024-8728:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8728:07 advisory. libreoffice: Ability to trust not validated macro signatures removed in high security mode CVE-2024-6472 Tenable has extracted the preceding description block...
CVE-2025-52578
Incorrect Usage of Seeds in Pseudo-Random Number Generator (CWE-335) vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...
EUVD-2025-31029
Malicious code in bioql PyPI...
EUVD-2025-13891
Malicious code in bioql PyPI...
EUVD-2025-13890
Malicious code in bioql PyPI...
EUVD-2025-1667
Malicious code in bioql PyPI...
Hackers Went Looking for a Backdoor in High-Security Safes—and Now Can Open Them in Seconds
Security researchers found two techniques to crack at least eight brands of electronic safes—used to secure everything from guns to narcotics—that are sold with Securam Prologic locks...
Cisco Unified Intelligence Center Arbitrary File Upload (cisco-sa-cuis-file-upload-UhNEtStm)
The version of Cisco Unified Intelligence Center installed on the remote host is prior to tested version. It is, therefore, affected by an arbitrary file upload vulnerability as referenced in the cisco-sa-cuis-file-upload-UhNEtStm advisory: - A vulnerability in the web-based management interface ...
CVE-2025-47917
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names takes a head argument that is documented as an output argument. The documentation does not suggest that the function...
PT-2025-29853 · Cisco · Cisco Unified Intelligence Center
Name of the Vulnerable Software and Affected Versions: Cisco Unified Intelligence Center affected versions not specified Description: A vulnerability exists in the web-based management interface of Cisco Unified Intelligence Center that could allow an authenticated, remote attacker to upload...
WordPress WooBeWoo Product Filter Pro plugin < 2.9.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WooBeWoo Product Filter Pro versions 2.9.6...
CVE-2024-20485
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this...
CVE-2025-20200
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...