Nozomi Networks CMC和Nozomi Networks Guardian 安全漏洞

Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have security...

CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

CVE-2026-4818

In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven automated IT operations management platform provided by the American company VMware. It is suitable for private cloud, hybrid cloud, and multi-cloud environments. There is a security vulnerability in VMware Aria Operations, which stems from a...

Keylime 安全漏洞

Keylime is an open-source scalable trust system developed using TPM technology. Versions of Keylime 7.12.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of enforcement of client-side TLS authentication, which may allow unverified clients to execute...

EUVD-2025-30188

Malicious code in bioql PyPI...

EUVD-2025-30227

Malicious code in bioql PyPI...

EUVD-2025-30228

Malicious code in bioql PyPI...

EUVD-2025-19825

Malicious code in bioql PyPI...

CVE-2025-53969 Cognex In-Sight Explorer and In-Sight Camera Firmware Client-Side Enforcement of Server-Side Security

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the...

CVE-2025-54818 Cognex In-Sight Explorer and In-Sight Camera Firmware Cleartext Transmission of Sensitive Information

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channe...

CVE-2025-54497

CVE-2025-54497 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. A telnet-based service exposed on port 23 (requires authentication) can be misused by a user with protected privileges to invoke SetSerialPort and alter device properties (e.g., serial interface settings), violating the...

PT-2025-38488

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a service implementing a proprietary protocol on TCP port 1069. This service allows client-side software, such as the In-Sig...

CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmtremoveadvmonitorcomplete This reworks MGMTOPREMOVEADVMONITOR to not use mgmtpendingadd to avoid crashes like bellow: ================================================================== BUG: KASAN:...

org.wildfly.core:wildfly-server: Wildfly improper RBAC permission

A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...

Duplicate Advisory: Wildfly Server Role Based Access Control (RBAC) provider has Improper Access Control

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qr6x-62gq-4ccp. This link is maintained to preserve external references. Original Description A flaw was found in the Wildfly Server Role Based Access Control RBAC provider. When authorization to control...

CVE-2024-35286

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

CVE-2024-30157

A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to...

Incorrect Authorization

org.apache.pulsar, pulsar-broker is vulnerable to Incorrect Authorization. The vulnerability exists due to inadequate access controls to modify topic-level policies. Only users with the tenant admin or super user role should be permitted to perform such management operations, allowing authenticat...