8712 matches found
CVE-2026-24044
CVE-2026-24044 affects Element Server Suite Community Edition (ESS Community) Helm Chart. The issue arises in the Helm Chart secrets initialization hook (using matrix-tools container prior to 0.5.7) where an insecure Matrix server key generation method can produce the same key pair, enabling netw...
CVE-2026-26218 newbee-mall Default Seeded Administrator Credentials Allow Account Takeover
newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials m...
CVE-2026-26218
newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials m...
CVE-2026-26218 newbee-mall Default Seeded Administrator Credentials Allow Account Takeover
newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema and fail to change the default administrative credentials m...
newbee-mall 信任管理问题漏洞
newbee-mall is an e-commerce system developed under open source by newbee. newbee-mall has a vulnerability related to trust management. This vulnerability stems from the database initialization script, which includes pre-set administrator accounts with predictable default passwords. This allows...
PT-2026-7887
Name of the Vulnerable Software and Affected Versions newbee-mall affected versions not specified Description The application includes pre-seeded administrator accounts in its database initialization script, which are provisioned with a predictable default password. Deployments that initialize or...
Insecure Default Initialization of Resource
Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the registerHTTPServer function. An attacker can gain full access to sensitive configuration data, manipulate or delete collections, manage user credentials, shut down services, and write...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. CVE-2026-23876: maliciously crafted image can lead to heap buffer...
SUSE-SU-2026:0437-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-22770: improper pointer initialization can cause denial of service bsc1256969. - CVE-2026-23874: manipulation of digital images can lead to stack overflow bsc1256976. - CVE-2026-23876: maliciously crafted image can lead to heap...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-29952
Improper Initialization within the AMD Secure Encrypted Virtualization SEV firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...
UBUNTU-CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
UBUNTU-CVE-2025-29952
Improper Initialization within the AMD Secure Encrypted Virtualization SEV firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
UBUNTU-CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-48509
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity...
CVE-2025-48509
CVE-2025-48509 describes Missing Checks in functions related to Reverse Map Table (RMP) initialization that can let a local admin attacker misidentify I/O memory, potentially affecting guest memory integrity. The primary technical details indicate this affects AMD EPYC/SNP environments and relate...
CVE-2025-29939
Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...