
49 matches found

OSV
added 2026/03/15 5:56 a.m., 1 views

OESA-2026-1608 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: A vulnerability classified as problematic has been found in Apache ActiveMQ Application Server Software. CWE is classifying the issue as CWE-190. The product performs a calculation that can produce...

8.8 CVSS, 5.4 AI score, 0.00076 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2026/01/15 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003163 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces...

7 CVSS, 7.4 AI score, 0.09568 EPSS
Exploits: 24, References: 18

RedhatCVE
added 2025/12/12 12:7 p.m., 3 views

CVE-2025-64988

A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior to V19.2. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

7.2 CVSS, 8 AI score, 0.00231 EPSS
Exploits: 0, References: 1

CVE
added 2025/12/11 11:26 a.m., 14 views

CVE-2025-64988

CVE-2025-64988 describes a command-injection in TeamViewer DEX (formerly 1E DEX) prior to V19.2, within the 1E-Nomad-GetCmContentLocations instruction. The root cause is improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands, enab...

7.2 CVSS, 7.6 AI score, 0.00231 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2025/12/11 11:26 a.m., 3 views

CVE-2025-64988 Command Injection in 1E-Nomad-GetCmContentLocations Instruction

A command injection vulnerability was discovered in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior to V19.2. Improper input validation allows authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

7.2 CVSS, 7.6 AI score, 0.00231 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2025/12/11 12:0 a.m., 1 views

EulerOS 2.0 SP13 : aide (EulerOS-SA-2025-2513)

According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An...

6.2 CVSS, 7.4 AI score, 0.00026 EPSS
Exploits: 2, References: 3

Debian CVE
added 2025/11/12 6:28 p.m., 3 views

CVE-2024-47866

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

7.5 CVSS, 7.1 AI score, 0.00167 EPSS
Exploits: 1

CNNVD
added 2025/08/12 12:0 a.m., 1 views

Intel I350 Series Ethernet Security Vulnerability

Intel I350 Series Ethernet is a series of Ethernet controllers from Intel Corporation USA. A security vulnerability exists in Intel I350 Series Ethernet prior to version 5.19.2, which stems from improper initialization and could lead to information disclosure...

3.3 CVSS, 6.3 AI score, 0.00028 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2025/08/12 12:0 a.m., 1 views

PT-2025-32732 · Intel · Intel I350 Series Ethernet

Name of the Vulnerable Software and Affected Versions: Intel(R) I350 Series Ethernet versions prior to 5.19.2 Description: Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet may allow an authenticated user to potentially enable information disclosure via da...

3.3 CVSS, 6.8 AI score, 0.00028 EPSS
Exploits: 0, References: 3

OSV
added 2025/07/30 8:15 p.m., 2 views

AZL-65996 CVE-2024-48916 affecting package ceph for versions less than 16.2.10-9

Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send a JWT that has "none" as JWT alg. And by doing so the JWT signature is not checked. The vulnerability is most likely in the RadosGW OIDC provider. As of time of publication, a kno...

8.1 CVSS, 5.7 AI score, 0.00043 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2024/07/08 12:0 a.m., 1 views

PT-2024-27966 · Node.Js · Undici

Name of the Vulnerable Software and Affected Versions: Undici versions prior to 6.19.2 Description: Undici is an HTTP/1.1 client, written from scratch for Node.js. Depending on network and process conditions of a fetch request, response.arrayBuffer might include a portion of memory from the Node....

2 CVSS, 6.8 AI score, 0.00355 EPSS
Exploits: 0, References: 17

OSV
added 2024/04/10 1:51 p.m., 0 views

CVE-2024-20766

InDesign Desktop versions 18.5.1, 19.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that ...

5.5 CVSS, 5.6 AI score, 0.00023 EPSS
Exploits: 0, References: 1

OSV
added 2024/03/12 8:15 a.m., 1 views

CVE-2024-21805

Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product's Windows client is...

7.8 CVSS, 5.9 AI score
Exploits: 0, References: 2

ATTACKERKB
added 2023/03/02 9:15 a.m., 1 views

CVE-2021-45478

Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...

6.5 CVSS, 6.6 AI score, 0.00272 EPSS
Exploits: 0, References: 3

CNNVD
added 2023/03/02 12:0 a.m., 2 views

YORDAM University Library Automation System Cross-Site Scripting Vulnerability

YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...

5.4 CVSS, 5.7 AI score, 0.00185 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2023/03/02 12:0 a.m., 2 views

PT-2023-12559 · Bordam Information Technologies · Bordam Information Technologies Library Automation System

Name of the Vulnerable Software and Affected Versions: Bordam Information Technologies Library Automation System versions prior to 19.2 Description: The issue is related to improper handling of parameters, allowing data collection as provided by users. Recommendations: For versions prior to 19.2,...

6.5 CVSS, 6.4 AI score, 0.00272 EPSS
Exploits: 0, References: 3

CNNVD
added 2023/03/02 12:0 a.m., 2 views

YORDAM University Library Automation System Security Vulnerability

YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...

6.5 CVSS, 6.4 AI score, 0.00272 EPSS
Exploits: 0, References: 2

CNNVD
added 2023/03/02 12:0 a.m., 2 views

YORDAM University Library Automation System Security Vulnerability

YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...

6.5 CVSS, 6.4 AI score, 0.00272 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2023/01/17 12:0 a.m., 1 views

PT-2023-33402 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.19.264 through 4.19.268 Description: The issue is related to too strict blanking sanity checks in the v4l2-dv-timings.c file. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...

7.2 AI score
Exploits: 0, References: 1

CNNVD
added 2022/12/23 12:0 a.m., 0 views

F-Secure SAFE Security Vulnerability

F-Secure SAFE is a suite of antivirus software from Finnish company Fen Secure F-Secure. A security vulnerability exists in F-Secure SAFE Browser 19.1 for Android prior to version 19.2, which stems from vulnerability to IDN synonym attacks...

5.4 CVSS, 5.8 AI score, 0.00363 EPSS
Exploits: 0, References: 2