13 matches found
EUVD-2026-8826
Fleet: Device lock PIN can be predicted if lock time is known...
Delta Electronics DIAView
RISK EVALUATION Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact...
PT-2026-3799
GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery (CSRF) vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not...
Linux Distros Unpatched Vulnerability : CVE-2021-41990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be trigger...
Linux Distros Unpatched Vulnerability : CVE-2018-6260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU...
SUSE CVE-2007-6734
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors...
PT-2024-36224 · Campbell Scientific · Campbell Scientific Csi Web Server
Name of the Vulnerable Software and Affected Versions: Campbell Scientific CSI Web Server affected versions not specified Description: The issue concerns the storage of web authentication credentials in a file with a specific name. The passwords in this file are stored in a weakly encoded format,...
CVE-2024-29963
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries...
SUSE CVE-2023-2295
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
SUSE CVE-2019-25040
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
jEdit Local File Inclusion
jEdit index.php?page Local File Inclusion Vulnerability +Vendor: jEdit +Version: - +License: GNU / GPL 2.0 +Homepage: http://jedit.org/ +Risk: High +Remote: No +Local: Yes +Author: eidelweiss +Contact: eidelweissatcyberservicesdotcom +Thanks: sp3x securityreason - JosS hack0wn - r0073r & 0x1D...
[Full-Disclosure] Advisory: Directory traversal in CitrusDB
Advisory: Directory traversal in CitrusDB RedTeam found a directory traversal vulnerability in CitrusDB which results in inclusion of any accessible local .php file. Details ======= Product: CitrusDB Affected Version: 0.3.6, probably = 0.3.5, too Immune Version: none 2005-02-03 OS affected: all...