72594 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010888)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010888 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix input validation logic for actionmeta Fix condition to check 'greater or equal' to...
(0Day) Microsoft Office URI Handler NTLM Response Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose NTLM responses on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation of certain client metadata fields when explicitly enabled. An attacker possessing a valid Initial Access Token can dynamically register a malicious client with crafted metadata. Depending on the metadata provid...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010712)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010712 advisory. An out-of-bounds OOB memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010713)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010713 advisory. Improper input validation in some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user t...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
EUVD-2026-23884
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...
EUVD-2026-23885
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
CVE-2026-24504
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...
CVE-2026-24505
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
Security Bulletin: IBM Integration Bus for z/OS is vulnerable to Improper Input Validation due to Apache Tomcat ( CVE-2026-24734 )
Summary IBM Integration Bus for z/OS is vulnerable to Improper Input Validation due to Apache Tomcat. Vulnerability Details CVEID:CVE-2026-24734 DESCRIPTION: Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FF...
CVE-2026-24505
CVE-2026-24505 affects Dell PowerProtect Data Domain, versions 8.5 through 8.6. The vulnerability stems from improper input validation, potentially allowing a high-privileged attacker with remote access to execute arbitrary commands with root privileges. The available documents do not provide add...
CVE-2026-24505
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
CVE-2026-24505
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
CVE-2026-24505
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
CVE-2026-24504
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...
CVE-2026-24504
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...
CVE-2026-24504
CVE-2026-24504 affects Dell PowerProtect Data Domain versions 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60, due to improper input validation. A high-privilege attacker with remote access could potentially exploit this to achieve arbitrary command execution with root privi...
CVE-2026-24504
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...