
47640 matches found

CNNVD
added 2026/03/10 12:0 a.m. | 9 views

Google Chrome security vulnerability

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.71 contained a security vulnerability. This vulnerability stemmed from incorrect security UI in PictureInPicture, which could allow UI deception through specially crafted HTML...

4.3 CVSS | 5.8 AI score | 0.00177 EPSS
Exploits 0 | References 3
Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24889

CVE-2026-3942 Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium se… https://t.co/RNo7wnBviE...

4.3 CVSS | 5.8 AI score | 0.00177 EPSS
Exploits 0 | References 6
FreeBSD
added 2026/03/10 12:0 a.m. | 7 views

chromium -- security fixes

Chrome Releases reports: This update includes 29 security fixes: 483445078 Critical CVE-2026-3913: Heap buffer overflow in WebML. Reported by Tobias Wienand on 2026-02-10 481776048 High CVE-2026-3914: Integer overflow in WebML. Reported by cinzinga on 2026-02-04 483971526 High CVE-2026-3915: Heap...

9.6 CVSS | 6 AI score | 0.00417 EPSS
Exploits 0 | References 1
CNNVD
added 2026/03/10 12:0 a.m. | 4 views

Fortinet FortiManager and Fortinet FortiAnalyzer trust management issue vulnerability

Fortinet FortiManager and Fortinet FortiAnalyzer are products of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. This platform supports centralized management of any number of Fortinet devices and allows for grouping devices into differe...

6.9 CVSS | 5.8 AI score | 0.00185 EPSS
Exploits 0 | References 2
CNNVD
added 2026/03/10 12:0 a.m. | 5 views

Google Chrome security vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by an incorrect security UI in PictureInPicture, which can be exploited by an attacker to perform UI spoofing via specially crafted HTML pages...

4.3 CVSS | 5.8 AI score | 0.00177 EPSS
Exploits 0 | References 3
Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24875

CVE-2026-3927 Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium se… https://t.co/xQOmuPUU6x...

4.3 CVSS | 5.8 AI score | 0.00177 EPSS
Exploits 0 | References 6
Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24484

Name of the Vulnerable Software and Affected Versions sigstore-ruby versions prior to 0.2.3 Description The software does not correctly handle verification failures when the artifact digest does not match the digest in the in-toto attestation subject. Specifically, the Sigstore::Verifierverify...

7.5 CVSS | 5.8 AI score | 0.00217 EPSS
Exploits 0 | References 4
Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24198

Name of the Vulnerable Software and Affected Versions HCL Sametime for Android affected versions not specified Description HCL Sametime for Android has a flaw that leads to sensitive information disclosure. Hostnames are written into application logs and specific URLs. Recommendations At the...

3.3 CVSS | 5.8 AI score | 0.00131 EPSS
Exploits 0 | References 6
Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24179

The Court Reservation WordPress plugin before 1.10.9 does not have a CSRF check in place when deleting events, which could allow attackers to make a logged-in admin delete them via a CSRF attack...

5.8 AI score | 0.00124 EPSS
Exploits 0 | References 1
Positive Technologies
added 2026/03/10 12:0 a.m. | 5 views

PT-2026-24417

Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, Stored XSS vulnerabilities exist in the Commerce Inventory page. The Product Title, Variant Title, and Variant SKU fields are rendered without proper HTML escaping, allowing an attacker to execute arbitrary JavaScript when any...

8.6 CVSS | 6 AI score | 0.00204 EPSS
Exploits 1 | References 3
Positive Technologies
added 2026/03/10 12:0 a.m. | 4 views

PT-2026-24237

An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8,...

6.9 CVSS | 5.8 AI score | 0.00185 EPSS
Exploits 0 | References 3
CNNVD
added 2026/03/10 12:0 a.m. | 6 views

SAP Solution Tools Plug-In security vulnerability

SAP Solution Tools Plug-In is a basic component plugin developed by the German company SAP. There is a security vulnerability in the SAP Solution Tools Plug-In, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability may lead to the disclosure of...

5 CVSS | 5.8 AI score | 0.00209 EPSS
Exploits 0 | References 3
Veeam
added 2026/03/10 12:0 a.m. | 17 views

Build Numbers and Versions of Veeam Plug-In for HPE Morpheus VM Essentials

This KB article lists all versions of the Veeam Plug-in for HPE Morpheus VM Essentials and their respective worker build numbers. Version | Plug-In / Worker Build | Release Date ---|---|--- Veeam Plug-in for HPE Morpheus VM Essentials 1 Releases Veeam Plug-in for HPE Morpheus VM Essentials 1.1...

5.8 AI score
Exploits 0 | Affected Software 1
Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

Fortinet FortiAnalyzer Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0...

6.9 CVSS | 5.9 AI score | 0.00185 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2026/03/10 12:0 a.m. | 2 views

Fedora 44 : systemd (2026-c1c45c4b2d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c1c45c4b2d advisory. Fix for the linked bug. ---- Important bugfix release. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

5.8 AI score
Exploits 0 | References 1
Tenable Nessus
added 2026/03/10 12:0 a.m. | 4 views

EulerOS 2.0 SP13 : cups (EulerOS-SA-2026-1231)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin...

6.7 CVSS | 5.8 AI score | 0.00409 EPSS
Exploits 2 | References 3
CNNVD
added 2026/03/10 12:0 a.m. | 10 views

rssn code issue vulnerability

rssn is a high-performance Rust scientific computing library open-sourced by Apich Organization. rssn has code vulnerabilities, which stem from improper input validation in the JIT compilation engine, potentially allowing arbitrary code execution...

9.4 CVSS | 6.1 AI score | 0.0021 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2026/03/10 12:0 a.m. | 3 views

Fortinet FortiManager Lack of TLS Certificate Validation during initial SSO Authentication (FG-IR-26-078)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-078 advisory. - An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 throu...

6.9 CVSS | 5.9 AI score | 0.00185 EPSS
Exploits 0 | References 2
Positive Technologies
added 2026/03/10 12:0 a.m. | 3 views

PT-2026-24396

Name of the Vulnerable Software and Affected Versions simple-git versions 3.15.0 through 3.32.2 Description The simple-git software, a Node.js interface for running git commands, contains an issue in which attackers can bypass previous fixes. This bypass is due to case-insensitive configuration...

9.8 CVSS | 6 AI score | 0.03026 EPSS
Exploits 22 | References 122
OSV
added 2026/03/10 12:0 a.m. | 5 views

ALSA-2026:4235 Moderate: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2 CVSS | 5.8 AI score | 0.00339 EPSS
Exploits 0 | References 4