47648 matches found

OSV
added 2026/03/04 5:32 a.m., 1 view

MINI-VGGR-Q9V6-PJ89

Bulletin has no description...

CVSS 8.6, AI score 5.9, EPSS 0.00205
Exploits 0
OSV
added 2026/03/04 5:23 a.m., 0 views

MINI-4HP9-7XJ7-88WJ

Bulletin has no description...

CVSS 5.9, AI score 5.9, EPSS 0.00349
Exploits 0
RedhatCVE
added 2026/03/04 1:56 a.m., 6 views

CVE-2025-50193

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command injection vulnerability in /plugin/vchamilo/views/import.php with the POST tomaindatabase parameter. This issue has been patched in version 1.11.30...

CVSS 7.2, AI score 5.9, EPSS 0.02603
Exploits 1, References 1
OSV
added 2026/03/04 12:43 a.m., 0 views

CLEANSTART-2026-AY29369 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CVSS 9.8, AI score 7.3, EPSS 0.04488
Exploits 1, References 7
OSV
added 2026/03/04 12:43 a.m., 0 views

CLEANSTART-2026-CQ83284 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CVSS 9.8, AI score 7.3, EPSS 0.04488
Exploits 1, References 7
OSV
added 2026/03/04 12:42 a.m., 4 views

CLEANSTART-2026-YP32652 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CVSS 9.8, AI score 7.3, EPSS 0.04488
Exploits 1, References 7
OSV
added 2026/03/04 12:42 a.m., 4 views

CLEANSTART-2026-BZ70876 Redis is an open source, in-memory database that persists on disk

Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for individual vulnerability details...

CVSS 9.8, AI score 7.3, EPSS 0.04488
Exploits 1, References 7
SUSE CVE
added 2026/03/04 12:27 a.m., 5 views

SUSE CVE-2026-25242

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below expose unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled (default), any remote user can upload arbitrary files to the server via /releases/attachments and...

CVSS 9.8, AI score 5.8, EPSS 0.00618
Exploits 1, References 3
Positive Technologies
added 2026/03/04 12:0 a.m., 5 views

PT-2026-22946

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: An attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway using an address-based spoofing technique. Successful exploitation allows redirection of dat...

CVSS 4.3, AI score 5.8, EPSS 0.00147
Exploits 0, References 4
Positive Technologies
added 2026/03/04 12:0 a.m., 11 views

PT-2026-22945

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A flaw exists in the client isolation mechanism that could allow an attacker to circumvent Layer 2 (L2) communication limitations between clients, potentially redirecting traffic at Layer 3 (L3)...

CVSS 4.3, AI score 5.8, EPSS 0.00155
Exploits 0, References 4
CNNVD
added 2026/03/04 12:0 a.m., 5 views

HPE Aruba Networking Wireless Operating System security vulnerability

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from issues with the client isolation mechanism, which...

CVSS 4.3, AI score 5.8, EPSS 0.00155
Exploits 0, References 2
Tenable Nessus
added 2026/03/04 12:0 a.m., 6 views

SUSE SLED15: libpython3_13-1_0 / python313 / python313-base / python313-curses / etc (SUSE-SU-2026:0642-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0642-1 advisory. Update to Python 3.13.12 - CVE-2026-0672: Fixed an HTTP header injection via user-controlled cookie values and...

CVSS 6, AI score 7.2, EPSS 0.0056
Exploits 0, References 16
Positive Technologies
added 2026/03/04 12:0 a.m., 3 views

PT-2026-22916

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive...

CVSS 6.5, AI score 5.9, EPSS 0.00111
Exploits 0, References 2
Positive Technologies
added 2026/03/04 12:0 a.m., 8 views

PT-2026-23115

Name of the Vulnerable Software and Affected Versions: Drupal OpenID Connect / OAuth client versions prior to 1.5.0. Description: A flaw exists in the OpenID Connect / OAuth client module that allows for privilege escalation due to improper handling of case sensitivity. The module does not adequatel...

AI score 5.8, EPSS 0.00133
Exploits 0, References 3
Positive Technologies
added 2026/03/04 12:0 a.m., 16 views

PT-2026-22944

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A flaw in how network packets are handled could let an authorized attacker create a harmful Wi-Fi frame. This frame could trick an Access Point (AP) into treating it as group traffic and re-encrypting ...

CVSS 4.3, AI score 5.8, EPSS 0.00182
Exploits 0, References 4
CNNVD
added 2026/03/04 12:0 a.m., 7 views

Nozomi Networks Arc trust management issue vulnerability

Nozomi Networks Arc is an endpoint detection and response proxy software developed by Nozomi Networks, Inc. Nozomi Networks Arc has a vulnerability related to trust management. This vulnerability arises from the lack of server certificate verification during the Arc agent’s connection process. It...

CVSS 6.5, AI score 5.8, EPSS 0.00111
Exploits 0, References 1
NOZOMI
added 2026/03/04 12:0 a.m., 4 views

Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0

Summary: The server certificate was not verified when an Arc agent connected to a Guardian or CMC. Impact: A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and...

CVSS 6.5, AI score 5.9, EPSS 0.00111
Exploits 0, Affected Software 1
Tenable Nessus
added 2026/03/04 12:0 a.m., 2 views

SUSE SLES15 Security Update : kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0736-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0736-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.38 fixes one security issue. The following security issue was fixed: - CVE-2025-38129:...

CVSS 7.8, AI score 7.2, EPSS 0.00161
Exploits 0, References 4
OSV
added 2026/03/03 11:15 p.m., 3 views

DEBIAN-CVE-2026-27601

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a stack overflow...

CVSS 5.9, AI score 6, EPSS 0.00612
Exploits 1, References 1
OSV
added 2026/03/03 11:15 p.m., 6 views

AZL-79434 CVE-2026-27601 affecting package rsyslog 8.2204.1-4

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a stack overflow...

CVSS 8.2, AI score 6.4, EPSS 0.00612
Exploits 1, References 1