3966 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ARM: fixed the cacheflush issue with PAN. It appears that the cacheflush syscall became corrupted when the LPAE PAN mechanism was implemented. User access was not enabled during the cache maintenance process, which caused the iss...
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL. There is an issue where insufficient efforts are made to ensure safe operation when a privileged user is managing objects of another user. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activate relevant...
Astra Linux – Vulnerability in Zabbix
Zabbix Frontend offers a feature that enables administrators to manage the installation and ensure that only certain IP addresses can access it. This way, no user will be able to access the Zabbix Frontend during maintenance, and sensitive data will be protected from being disclosed. An attacker...
How Parts Inventory Management Software Fixes Inventory Challenges
Why do maintenance teams struggle? Is it because they lack skills? Or do they need more advanced resources?…...
CVE-2026-23926
A flaw was found in Zabbix. An authenticated administrator can inject a malicious script into a maintenance period. When another user views the tooltip for this maintenance period in the Host navigator widget, the script executes. This Cross-Site Scripting XSS vulnerability allows the attacker to...
Linux Distros Unpatched Vulnerability : CVE-2026-23926
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that...
Zabbix 7.0.x < 7.0.24 / 7.4.x < 7.4.8 XSS (ZBX-27758)
The version of Zabbix Server installed on the remote host is prior to 7.0.24, 7.4.8. It is, therefore, affected by a stored cross-site scripting XSS vulnerability. An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that...
GitLab 安全漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Security vulnerabilities exist in versions of GitLab EE from 16.10 to...
EUVD-2026-29907
Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...
EUVD-2026-29903
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
Garmin WDU 安全漏洞
Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from the ability to allow symbolic link attacks, which...
EUVD-2026-29360
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
CVE-2026-40133
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
CVE-2026-40133
SAP S/4HANA Condition Maintenance is affected by a missing authorization check, enabling an authenticated attacker to view and modify condition table records. The impact is described as low for confidentiality, integrity, and availability. The CVE entries (CVE-2026-40133) reference SAP S/4HANA Co...
CVE-2026-40133 Missing Authorization check in SAP S/4HANA Condition Maintenance
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
CVE-2026-40133
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
CVE-2026-40133 Missing Authorization check in SAP S/4HANA Condition Maintenance
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
From Controlled to the Wild: Evaluation of Pentesting Agents for the Real-World
AI pentesting agents are increasingly credible as offensive security systems, but current benchmarks still provide limited guidance on which will perform best in real-world targets. Existing evaluation protocols assess and optimize for predefined goals such as capture-the-flag, remote code...
PT-2026-39926
Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...
SAP S/4HANA Condition Maintenance 安全漏洞
SAP S/4HANA Condition Maintenance is a conditional maintenance function module developed by SAP, a German company, dedicated to enterprise sales, procurement, and pricing rule management. There is a security vulnerability in SAP S/4HANA Condition Maintenance. This vulnerability stems from the lac...