13576 matches found
CVE-2026-47632
Azure Monitor Agent Metrics Extension is affected by CVE-2026-47632 due to improper certificate validation, enabling elevation of privileges for an unauthenticated attacker on an adjacent network. Exploitation details are not provided in the connected documents. CVSSv3.1 base score 8.8 (High): AV...
Active Directory Federation Server Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Active Directory Federation Services AD FS allows an authorized attacker to perform spoofing over a network...
Active Directory Certificate Services Elevation of Privilege Vulnerability
Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...
SUSE-SU-2026:2799-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Improper input validation in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-56015 Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length
Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...
CVE-2026-8482
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
EUVD-2026-41271
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
CVE-2026-8482 Information leak in NSRPC client history
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
PT-2026-55318
Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate...
CVE-2026-8480
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
CVE-2026-8480 Connection possible to the Administration portal with a revoked certificate
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...
batman-adv: v: stop OGMv2 on disabled interface
...
Oracle Linux 9 : thunderbird (ELSA-2026-29940)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-29940 advisory. 140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR Tenab...
CVE-2025-7958
A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...
CVE-2025-7958
A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...
CVE-2025-7958
Summary (CVE-2025-7958): A code injection vulnerability exists in Trellix Network Security CM and NX. A locally authenticated admin user can trigger arbitrary code execution via the web interface and Alert artifact details. The issue is described as enabling remote-like control within the device ...
CVE-2025-7958
A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...
EUVD-2025-210348
A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details...
CVE-2026-12318
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...