CVE-2026-43150

A flaw was found in the Linux kernel. This vulnerability occurs when the kernel's perf/arm-cmn component encounters unsupported hardware configurations, such as unknown Coherent Mesh Network CMN models or revisions. The kernel makes assumptions about hardware sizes, and if these are violated, it...

SUSE CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

CVE-2026-32771 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

CVE-2026-32771 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

CVE-2026-32771 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

CVE-2026-32771

Summary of CVE-2026-32771 (CTFer.io Monitoring) : In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go is vulnerable to a path traversal flaw caused by a missing trailing path separator in a strings.HasPrefix check. This allows an attacker to craft archives that ...

Monitoring 路径遍历漏洞

Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from the sanitizeArchivePath function’s inability to prevent path traversal, which...

Monitoring 访问控制错误漏洞

Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.1 contained a access control vulnerability, which was caused by errors in network policy writing. This vulnerability could allow malicious attackers to...

CVE-2026-32720 Improper Access Control in github.com/ctfer-io/monitoring

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

CVE-2026-32720

The CVE affects the github.com/ctfer-io/monitoring component. Root cause: a mis-written NetworkPolicy allowed a malicious actor to pivot from one component to another namespace, breaking security-by-default and enabling lateral movement. The vulnerability exists prior to version 0.2.1 and is addr...

CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

CVE-2026-32720 Improper Access Control in github.com/ctfer-io/monitoring

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

PT-2026-25399

Name of the Vulnerable Software and Affected Versions CTFer.io Monitoring versions prior to 0.2.1 Description The CTFer.io Monitoring component handles the collection, processing, and storage of signals like logs, metrics, and distributed traces. A misconfigured NetworkPolicy allows a malicious...

Unspecified Vulnerability in Oracle JD Edwards EnterpriseOne Tools (CNVD-2018-13574)

Oracle JD Edwards EnterpriseOne Tools provides the underlying technology for Oracle JD Edwards EnterpriseOne applications. An unspecified vulnerability exists in the Monitoring and Diagnostics component in Oracle JD Edwards EnterpriseOne Tools 9.2. An attacker could exploit the vulnerability to...

Vulnerability in Advantech WebAccess ActiveX

Advantech WebAccess formerly known as BroadWin WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation devices.ActiveX is one of...

CVE-2015-4927

The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files, which allows local users to gain privileges by writing to a file...