CVE-2026-34926

CVE-2026-34926 concerns the on‑premise Apex One server, where a directory traversal flaw could let a pre‑authenticated local attacker with admin access modify a server key table to inject code that is deployed to agents. The vulnerability is limited to the on‑premise deployment; no public exploit...

CVE-2026-34926

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...

EUVD-2026-31284

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...

VulnCheck KEV: CVE-2026-34926

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability

Trend Micro Apex One on-premise contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations...

X.Org和Xwayland 安全漏洞

X.Org is an open source free software from the X.Org Foundation.Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A security vulnerability exists in X.Org and Xwayland that stems from the XkbChangeTypesOfKey function...

CVE-2023-4538

The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. This could allow an attacker with access to that table to retrieve plain text passwords. This issue affects ERP XL...

SUSE CVE-2017-12953

The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service invalid memory write and application crash via a crafted gig file...

Fortinet FortiOS 安全漏洞

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...

Advisory ROSA-SA-2021-1904

Software: libxkbcommon 0.7.1 OS: Cobalt 7.9 CVE-ID: CVE-2018-15858 CVE-Crit: MEDIUM CVE-DESC: Unchecked use of NULL pointer when handling invalid aliases in CopyKeyAliasesToKeymap in xkbcomp / keycodes.c in xkbcommon before 0.8.1 could be used by local attackers to crash dereference NULL pointer...

Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility

Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ...

DEBIAN-CVE-2017-12953

The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service invalid memory write and application crash via a crafted gig file...