AVEVA PI to CONNECT Agent

RISK EVALUATION Successful exploitation of this vulnerability could result in an unauthorized access to the proxy server. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

PT-2025-136: Path Traversal in mPDF

The vulnerability was identified in mPDF, version 2.8.5. The application performs improper validation of data received from the user, which allows an attacker to read files stored on the server. Vulnerability status: Confirmed during research Date of vulnerability discovery: 11.04.2025...

PT-2025-45360

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/VPN versions prior to 1.1.5 Description The software contains a SQL injection issue in the AjaxFwRulesController.ajaxNetworkFwRulesAction function. An authenticated, low-privileged user can inject SQL code through datatable...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49974: NFSD: limit the number of concurrent async COPY operations bsc1232384 CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfre...

EUVD-2019-19300

Malware in sbrugna...

CVE-2023-29055

In Apache Kylin version 2.0.0 to 4.0.3, there is a Server Config web interface that displays the content of file 'kylin.properties', that may contain serverside credentials. When the kylin service runs over HTTP or other plain text protocol, it is possible for network sniffers to hijack the HTTP...

SUSE CVE-2023-44981

Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper quorum.auth.enableSasl=true, the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The...

PT-2025-23814 · Ооо 'Солидсофт' · Solidwall Waf

Уязвимость средства межсетевого экранирования SolidWall WAF связана с недостаточной защитой служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации...

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

Cybersecurity researchers are warning about an unpatched vulnerability in Nice Linear eMerge E3 access controller systems that could allow for the execution of arbitrary operating system OS commands. The flaw, assigned the CVE identifier CVE-2024-9441, carries a CVSS score of 9.8 out of a maximum...

Ruijie Networks RG-NBS2009G-P 安全漏洞

The Ruijie Networks RG-NBS2009G-P is a network security product from China's Ruijie Networks Ruijie Networks that is commonly used as an enterprise-class network border firewall. A security vulnerability exists in Ruijie Networks RG-NBS2009G-P v.10.41P2 Release 9736 that originated from a...

Rocky Linux 8 : container-tools:rhel8 (RLSA-2019:3403)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3403 advisory. - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift...

K20682450: BIG-IP AFM vulnerability CVE-2017-6142

Security Advisory Description X509 certificate verification was not correctly implemented in the early access "user id" feature in the BIG-IP Advanced Firewall Manager, and thus did not properly validate the remote server's identity on certain versions of BIG-IP. CVE-2017-6142 Impact In affected...

Massive increase in XorDDoS Linux malware in last six months

Microsoft says its recorded a massive increase in XorDDoS activity 254 percent in the last six months. XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie MMD. MMD believed the Linux Trojan originated in China...

Building Multilayered Security for Modern Threats

Considering recent announcements of major attacks caused by external malicious actors, including a ransomware attack on a U.S. gasoline pipeline, the need for increased security posture is as important as ever, and multilayered security remains the key. With rampant ransomware attacks and other...

Qualys Cloud Platform 10.1.0 New Features

The upcoming release of the Qualys Cloud Platform VM, PC, version 10.1.0, includes several new features and enhancements in Qualys Cloud Platform and Qualys Policy Compliance. This release will also add support for new technologies in Qualys Policy Compliance for OCA. 10.1.0 is scheduled to go li...

CVE-2019-5257

Certain Huawei products AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network...

CVE-2019-9946

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

Code injection

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

CVE-2019-9946

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

CVE-2019-9946

Summary: CVE-2019-9946 affects Cloud Native Computing Foundation (CNCF) CNI 0.7.4 used with Kubernetes. The portmap plugin in CNI inserts rules at the front of the iptables nat chains, giving them precedence over the KUBE-SERVICES chain. This could cause HostPort/portmap rules to match traffic ev...