47 matches found
Nozomi Networks CMC and Nozomi Networks Guardian Security Vulnerability
Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have security...
CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges
In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...
CVE-2026-4818
In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams...
AWS VDP: Encryption context keys and values logged at INFO level
Component: cmd/server/main.go:101-106 Affected Version: aws-encryption-provider @ 4341c70 all versions Found by: Source audit TLP: TLP:Amber --- Summary The server startup code logs all encryption context key-value pairs at INFO level. Encryption context is metadata associated with KMS operations...
VMware Aria Operations Security Vulnerability
VMware Aria Operations is a unified, AI-driven automated IT operations management platform provided by the American company VMware. It is suitable for private cloud, hybrid cloud, and multi-cloud environments. There is a security vulnerability in VMware Aria Operations, which stems from a...
Keylime Security Vulnerability
Keylime is an open-source scalable trust system developed using TPM technology. Versions of Keylime 7.12.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of enforcement of client-side TLS authentication, which may allow unverified clients to execute...
GO-2025-4251 Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama
Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama...
net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
...
EUVD-2018-13775
Malware in sbrugna...
EUVD-2025-30227
Malicious code in bioql PyPI...
EUVD-2025-19825
Malicious code in bioql PyPI...
EUVD-2025-30228
Malicious code in bioql PyPI...
EUVD-2025-30188
Malicious code in bioql PyPI...
CVE-2025-54860
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations on the device, such as firmware upgrades and device reboots, which require authentication. Incorrect handling of login failures by the service allows a...
CVE-2025-54497
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...
CVE-2025-53969 Cognex In-Sight Explorer and In-Sight Camera Firmware Client-Side Enforcement of Server-Side Security
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the...
CVE-2025-54818 Cognex In-Sight Explorer and In-Sight Camera Firmware Cleartext Transmission of Sensitive Information
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channe...
CVE-2025-54497
CVE-2025-54497 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. A telnet-based service exposed on port 23 (requires authentication) can be misused by a user with protected privileges to invoke SetSerialPort and alter device properties (e.g., serial interface settings), violating the...
PT-2025-38488
Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a service implementing a proprietary protocol on TCP port 1069. This service allows client-side software, such as the In-Sig...
FileBrowser has an unspecified vulnerability (CNVD-2025-22702)
FileBrowser is an open source web file browser. It provides a file management interface in a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a security vulnerability, the vulnerability stems from the file access permissions are not...