449 matches found
Update 26.12 for Microsoft Dynamics 365 Business Central 2025 Release Wave 1 (Application Build 26.12.48244, Platform Build 26.0.48120)
Update 26.12 for Microsoft Dynamics 365 Business Central 2025 Release Wave 1 Application Build 26.12.48244, Platform Build 26.0.48120 Overview This update replaces previously released updates. You should always install the latest update.After you install this hotfix, you might have to update your...
Canonical Livepatch 安全漏洞
Canonical Livepatch is a system component developed by Canonical OpenSource that manages kernel hotfix updates and patches. Versions of Canonical Livepatch prior to 10.15.0 contained security vulnerabilities. These vulnerabilities were caused by improper access control, allowing local...
CVE-2025-71258
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to...
EUVD-2025-208873
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to...
EUVD-2025-208877
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the VIEWSTATE paramete...
EUVD-2025-208871
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability due to improper enforcement of security filters on restricted REST API endpoints and servlets. Unauthenticated remote attackers can bypass access controls to invoke restricted functionality a...
CVE-2025-71259
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the externalfeed/RSS API component that allows authenticated attackers to trigger arbitrary outbound requests from the server. Attackers can exploit insufficient validation of...
CVE-2025-71258
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to...
CVE-2025-71259 BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in externalfeed/RSS
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the externalfeed/RSS API component that allows authenticated attackers to trigger arbitrary outbound requests from the server. Attackers can exploit insufficient validation of...
CVE-2025-71257
BMC FootPrints ITSM versions 20.20.02–20.24.01.001 are affected by an authentication bypass in restricted REST API endpoints and servlets. The Nuclei template details an authentication bypass in the password reset flow: an unauthenticated actor can obtain a valid SEC_TOKEN via /footprints/service...
PT-2026-26061
Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery issue in the searchWeb API component. Authenticated attackers can...
PT-2026-26060
Name of the Vulnerable Software and Affected Versions BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 Description BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 are affected by an authentication bypass. This is due to improper enforcement of security filters on restricted...
Vulnerability fixed in HPE OneView Software
HPE has fixed a vulnerability in the HPE OneView Software. The vulnerability is in the way the OneView Software handles remote requests. When HPE OneView Software is accessible over the Internet, unauthenticated remote users can execute code. This could allow attackers to gain control of affected...
EUVD-2020-27005
Malware in sbrugna...
EUVD-2019-16234
Malware in sbrugna...
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 CVSS score: 9.8, has been described ...
Citrix Session Recording deserialization vulnerability
Added: 08/27/2025 CVE: CVE-2024-8069 Background Citrix Session Recording is software for recording and archiving sessions for retrieval and playback. Problem Unsafe object deserialization in Citrix Session Recording could allow a remote attacker to execute arbitrary commands by sending a speciall...
Service Update 1.38 for Microsoft Dynamics CRM (on-premises) 9.1
Service Update 1.38 for Microsoft Dynamics CRM on-premises 9.1 Introduction Service Update 9.1.38 for Microsoft Dynamics CRM on-premises 9.1 is now available. This article describes the hotfixes and updates that are included in Service Update 9.1.38.10 More information Update package| Version...
Vulnerability fixed in Cisco Identity Services Engine for cloud platforms
Cisco has fixed a vulnerability in Identity Services Engine ISE for cloud platforms. The vulnerability involves a flaw in automatic password generation when Cisco ISE is installed on a cloud platform. This causes the same passwords to be used in different ISE cloud environments. This allows an...
CVE-2021-25239
An improper access control vulnerability in Trend Micro Apex One on-prem, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes...