47626 matches found
CVE-2025-68482
CVE-2025-68482 describes an improper certificate validation in Fortinet FortiAnalyzer (versions 7.6.0–7.6.4, 7.4.0–7.4.8, 7.2 all, 7.0 all; and FortiManager 7.6.0–7.6.4, 7.4.0–7.4.8, 7.2 all, 7.0 all) that may allow a remote unauthenticated attacker to view confidential information via a MITM att...
CVE-2025-68482
An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8,...
CVE-2026-30941 Parse Server has a NoSQL injection via token type in password reset and email verification endpoints
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.14 and 9.5.2-alpha.1, a NoSQL injection vulnerability allows an unauthenticated attacker to inject MongoDB query operators via the token field in the password reset and email...
MINI-6GXP-9QW3-2HC6
Bulletin has no description...
MINI-MM7W-C2C5-F8MH
Bulletin has no description...
MINI-84WX-F5R9-WJR9
Bulletin has no description...
GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable
CVE-2026-26030 is a Remote Code Execution vulnerability that has been identified in Microsoft Semantic Kernel Python SDK, specifically within the InMemoryVectorStore filter functionality. GitHub created this CVE on their behalf. This document incorporates...
When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation
Overview: Rapid7 Labs has identified and analyzed an ongoing, widespread compromise of legitimate, potentially highly trusted WordPress websites, misused by an unidentified threat actor to inject a ClickFix implant impersonating a Cloudflare human verification challenge CAPTCHA. The lure is design...
CVE-2026-2741 Zip Slip Path Traversal on Node Unpack
Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 through 14.14.0, 15.0.0 through 23.6.6, 24.0.0 through 24.9.8, and 25.0.0 through 25.0.2. Vaadin’s build process can automatically download and extract Node.js if it...
CVE-2026-21791 HCL Sametime for Android is affected by sensitive information disclosure
HCL Sametime for Android is impacted by a sensitive information disclosure. Hostname information is written in application logs and certain URL...
CVE-2026-21791
CVE-2026-21791 affects HCL Sametime for Android. The vulnerability involves sensitive information disclosure where hostnames are written to application logs and certain URLs may be exposed. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) yields a LOW base score of 3.3, with local attack...
Honeywell IQ4 Series BMS Controller (Update A)
RISK EVALUATION: Successful exploitation of this vulnerability could allow an unauthorized attacker to access controller management settings, control components, disclose information, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to...
GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface
Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...
CLEANSTART-2026-GJ95666 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CLEANSTART-2026-AF35851 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CLEANSTART-2026-QK48981 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CLEANSTART-2026-XH31600 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CLEANSTART-2026-AV02020 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...
CLEANSTART-2026-RA63757 Redis is an open source, in-memory database that persists on disk
Multiple security vulnerabilities affect the redis package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...