OESA-2025-1468 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

SUSE CVE-2024-45321

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers...

CVE-2023-4329

Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute...

Western Digital My Cloud 数据伪造问题漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. Western Digital My Cloud has a security vulnerability that could allow an attacker to trick a NAS device into loading via an insecure HTTP call. This is the result of insufficient authentication of device calls...

CVE-2017-8154

The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague-L31C576B172, versions before Prague-L31C530B160, versions before Prague-L31C432B180 has a man-in-the-middle MITM vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may...

Youku client update process suffers from arbitrary file download vulnerability

Youku PC client is a video player that supports both online and local use. An arbitrary file download vulnerability exists in the Youku PC client update process. The vulnerability is caused by the client update process using an insecure HTTP communication protocol to interact with the server, and...