35 matches found

Tenable Nessus
added 2026/05/27 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-71304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient...

5.7 AI score · 0.00032 EPSS
Exploits 0 · References 2
RedhatCVE
added 2026/05/26 2:12 p.m. · 9 views

CVE-2026-23663

Improper privilege management in Azure Entra ID allows an unauthorized attacker to elevate privileges over a network...

7.5 CVSS · 5.8 AI score · 0.00097 EPSS
Exploits 0 · References 1
OSV
added 2026/05/08 8:53 a.m. · 3 views

BIT-POWERSHELL-2026-26171 .NET Denial of Service Vulnerability

Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network...

7.5 CVSS · 6.2 AI score · 0.03084 EPSS
Exploits 0 · References 2
NVD
added 2026/05/07 10:16 p.m. · 6 views

CVE-2026-33111

Improper neutralization of special elements used in a command ('command injection') in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5 CVSS · 0.00058 EPSS
Exploits 0 · References 1
RedhatCVE
added 2026/03/26 3:3 p.m. · 0 views

CVE-2026-23658

Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

8.6 CVSS · 5.8 AI score · 0.00104 EPSS
Exploits 0 · References 1
Microsoft CVE
added 2026/03/19 2:0 p.m. · 1 views

Microsoft Purview Elevation of Privilege Vulnerability

Server-side request forgery (SSRF) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network...

8.6 CVSS · 5.8 AI score · 0.00101 EPSS
Exploits 0
EUVD
added 2026/03/11 9:11 p.m. · 2 views

EUVD-2026-10691

.NET Denial of Service Vulnerability...

7.5 CVSS · 6 AI score · 0.001 EPSS
Exploits 0 · References 3
Microsoft CVE
added 2026/03/10 2:0 p.m. · 1 views

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an SQL command ('SQL injection') in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8 CVSS · 5.8 AI score · 0.00062 EPSS
Exploits 0
ATTACKERKB
added 2026/03/04 5:21 p.m. · 1 views

CVE-2026-20014

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services to devices...

7.7 CVSS · 6 AI score · 0.00202 EPSS
Exploits 0 · References 2 · Affected Software 2
Microsoft CVE
added 2025/09/09 7:0 a.m. · 8 views

Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8 CVSS · 7.7 AI score · 0.00188 EPSS
Exploits 0
CVE
added 2025/07/02 7:39 a.m. · 14 views

CVE-2025-24328

CVE-2025-24328 affects Nokia Single RAN baseband OAM service component; a crafted SOAP "set" operation in the MNO internal RAN management network can trigger a stack overflow, causing the OAM service component to restart on software versions earlier than 24R1-SR 1.0 MP. The issue has been fixed i...

4.2 CVSS · 7.5 AI score · 0.00091 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 9:47 a.m. · 5 views

CVE-2024-21026

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

7.1 CVSS · 6.3 AI score · 0.00185 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2025/05/15 12:0 a.m. · 6 views

Zoom Workplace Desktop App < 6.4.0 Multiple Vulnerabilities (ZSB-25022)

The version of Zoom Workplace Desktop App installed on the remote host is prior to 6.4.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25022 advisory. - Improper neutralization of special elements in some Zoom Workplace Apps may allow an authenticated user to impact app...

6.1 CVSS · 5.5 AI score · 0.00183 EPSS
Exploits 0 · References 3
RedhatCVE
added 2025/04/07 12:18 a.m. · 15 views

CVE-2025-32358

In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which are triggered as POST requests when certain conditions are met. If a webhook endpoint returned a redirect response, Zammad would follow it automatically with another GET request. This coul...

4.1 CVSS · 6.6 AI score · 0.00181 EPSS
Exploits 0 · References 1
ATTACKERKB
added 2025/03/21 1:15 a.m. · 2 views

CVE-2025-29814

Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network...

9.3 CVSS · 5.5 AI score · 0.1354 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/11/26 12:0 a.m. · 2 views

PT-2024-32497 · Axis · Axis

Name of the Vulnerable Software and Affected Versions: Axis devices (affected versions not specified). Description: The issue is related to the handling of certain ethernet frames, which could lead to the Axis device becoming unavailable in the network. It is estimated that selected Axis devices are...

7.5 CVSS · 6.9 AI score · 0.00089 EPSS
Exploits 0 · References 5
SUSE CVE
added 2024/10/01 2:58 a.m. · 1 views

SUSE CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

5.9 CVSS · 5.9 AI score · 0.00067 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-30735 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.2. Description: The issue is related to a misconfiguration of the input state slow path in the Linux kernel, which causes a KASAN report error. This error occurs due to a wild-memory-access in the xfrmi rcv ...

6.4 AI score · 0.00078 EPSS
Exploits 0 · References 11
CNNVD
added 2024/06/14 12:0 a.m. · 1 views

Rockwell Automation GuardLogix and CompactLogix Security Vulnerabilities

Rockwell Automation GuardLogix and Rockwell Automation CompactLogix are both series of controllers from Rockwell Automation, Inc. A security vulnerability exists in several Rockwell Automation products. An attacker has exploited the vulnerability to cause a major unrecoverable failure of all...

8.3 CVSS · 6.7 AI score · 0.0041 EPSS
Exploits 0 · References 2
Prion
added 2023/08/22 7:16 p.m. · 24 views

Integer overflow

Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it may in theory cause a denial of service to associated systems or networks if, for example,...

1.7 CVSS · 4.7 AI score · 0.00018 EPSS
Exploits 0 · References 2 · Affected Software 1