CVE-2026-32325

The CVE-2026-32325 entry describes a local privilege escalation in ServerView Agents for Windows (versions up to 11.60.04). A local authenticated attacker who can log in to the affected server may obtain SYSTEM privileges via a privilege‑chaining vulnerability. Affected product: ServerView Agents...

PT-2026-33604

CVE-2026-40530, CVE-2026-4036, and others: Vulnerabilities in Synology DSM, up to 8.0 rating 🔥 Several vulnerabilities in Synology DiskStation Manager DSM allow remote authenticated attacker to read or write files, conduct denial-of-service attacks, and obtain information, including arbitrary...

Anritsu Remote Spectrum Monitor

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.8.7, 18.9.3...

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. An information disclosure vulnerability exists in Mozilla Thunderbird, which can be...

Tinycontrol多款产品 安全漏洞

Tinycontrol tcPDU is a product of the Polish company Tinycontrol. Tinycontrol tcPDU is a network distribution unit. Tinycontrol LAN Controllers LK3.5 is a device for remote monitoring and control of environmental parameters. Tinycontrol LAN Controllers LK3.9 is also a device for remote monitoring...

CVE-2025-57713

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later...

CVE-2026-1632

MOMA Seismic Station Version v2.4.2520 and prior exposes its web management interface without requiring authentication, which could allow an unauthenticated attacker to modify configuration settings, acquire device data or remotely reset the device...

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. An information disclosure vulnerability exists in Mozilla Thunderbird, which can be...

CVE-2025-14712 JHENG GAO｜Student Learning Assessment and Support System - Exposure of Sensitive Information

Student Learning Assessment and Support System developed by JHENG GAO has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

PT-2025-51196

Student Learning Assessment and Support System developed by JHENG GAO has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain test accounts and password...

CVE-2025-13768

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...

CVE-2025-11899 Flowring Technology｜Agentflow - Use of Hard-coded Cryptographic Key

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit...

CVE-2025-11899

CVE-2025-11899 affects Flowring’s Agentflow. The vulnerability arises from a hard-coded cryptographic key, enabling unauthenticated remote attackers to generate verification information and log in as any user after obtaining a user ID. Connected sources corroborate the issue across NVD/Red Hat an...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. An...

EUVD-2018-9237

Malware in sbrugna...

EUVD-2024-40433

Malicious code in bioql PyPI...

EUVD-2024-37525

Malicious code in bioql PyPI...

[SECURITY] Fedora 42 Update: trustee-guest-components-0.13.0-3.fc42

Running in a confidential VM, gather confidential-computing evidence, send it to Trustee and get secrets. A part of the confidential-containers project...

.NET 9.0 Update - September 9, 2025 (KB5066234)

.NET 9.0 Update - September 9, 2025 KB5066234 .NET 9.0 has been refreshed with the latest update as of September 9, 2025. This update contains non-security fixes. See the release notes for details about updated packages..NET 9.0 servicing updates are upgrades. The latest servicing update for 9.0...