KLA90995 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A...

PT-2026-33950

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150 Firefox ESR versions prior to 140.10 Thunderbird versions prior to 150 Thunderbird versions prior to 140.10 Description Incorrect boundary conditions exist in the DOM: Device Interfaces component. Recommendations...

Mozilla -- Incorrect boundary conditions

https://bugzilla.mozilla.org/showbug.cgi?id=2022162 reports: Incorrect boundary conditions in the DOM: Device Interfaces component...

PT-2026-33929

This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. Successful...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006904 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Simplify platform device handling Coretemp's platform driver is unconventional. A...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011035 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Simplify platform device handling Coretemp's platform driver is unconventional. A...

Linux Distros Unpatched Vulnerability : CVE-2026-6764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-011338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011338 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011268 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the...

CVE-2026-35215

A flaw was found in Firebird. In the sdldesc function, a division by zero vulnerability exists due to improper validation of the length of a decoded SDL descriptor from a slice packet. An unauthenticated attacker can exploit this by sending a specially crafted slice packet, leading to a server...

CVE-2025-13480

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

glances 安全漏洞

Glances is a system monitoring tool developed by Nicolas Hennion. Versions of Glances prior to 4.5.4 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated REST APIs that allowed cross-domain requests, potentially allowing malicious websites to access sensitive system...

Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow...

PT-2026-33742

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings. This vulnerability has been...

PT-2026-33720

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete agent/stop schedule/get schedule data of the file superagi/controllers/agent.py. The manipulation of the argument agent id leads to authorization bypass. The attack is possible to be carrie...

vantix

Vantix Vantix is a Codex-native offensive-security control pl...

What Security and Privacy Transparency Users Need from Consumer-Facing Generative AI

Users increasingly rely on consumer-facing generative AI GenAI for tasks ranging from everyday needs to sensitive use cases. Yet, it remains unclear whether and how existing security and privacy S&P communications in GenAI tools shape users' adoption decisions and subsequent experiences...

ZTE Red Magic 11 Pro 安全漏洞

The ZTE Red Magic 11 Pro is a smartphone designed for high-performance gaming experiences by ZTE Corporation. The ZTE Red Magic 11 Pro NX809J has a security vulnerability that stems from a lack of verification for applications accessing service interfaces. This vulnerability may allow...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007290 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after...

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via unsafe method invocation during query value resolution. An attacker can cause destruction of data, assets, and user accounts by manipulating query...