1123 matches found
CVE-2026-6912
Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...
CVE-2026-8431
An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...
Malicious code in po-ops-local-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ed7a024c524e1a4bc29e2670d7dc00e5aa4c6891650c3c6bf38a2f388f4a3cb9 The OpenSSF Package Analysis project identified 'po-ops-local-dev' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-5159 Malicious code in po-ops-local-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ed7a024c524e1a4bc29e2670d7dc00e5aa4c6891650c3c6bf38a2f388f4a3cb9 The OpenSSF Package Analysis project identified 'po-ops-local-dev' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...
CVE-2026-28586
In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28586
In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android security vulnerabilities
Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from missing permission checks for multiple functions in AppOpsService.java. This vulnerability may lead to the disclosure of local informati...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
HackTheBox — DevHub CVE-2026-23744 | MCPJam Inspector Unaut...
CVE-2026-46066
In the Linux kernel, CVE-2026-46066 fixes an off-by-one in the Ceph writeback path when a crypto bounce buffer allocation fails. If move_dirty_folio_in_page_array() fails for an encrypted file and the failed folio is not contiguous with the last in the batch, ceph_process_folio_batch() increments...
Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Overview Vulnerability has been found in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' sectio...
Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Overview Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-23865,...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314
CVE-2026-3314 describes a missing password masking vulnerability in Hitachi Ops Center Analyzer (detail view and probe modules) and Hitachi Ops Center Analyzer viewpoint, plus Hitachi Infrastructure Analytics Advisor (Data Center Analytics, Analytics probe modules). Affected versions: Ops Center ...
EUVD-2026-31795
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
Hitachi多款产品 安全漏洞
Hitachi Ops Center Analyzer, among others, are products of Hitachi, Ltd., a Japanese company. Hitachi Ops Center Analyzer is a data center management software. Hitachi Infrastructure Analytics Advisor is an IT operations intelligence platform, including Hitachi data center analysis capabilities...
PT-2026-43189
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
PT-2026-42454
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the udlfb component of the fbdev subsystem. The dlfb ops mmap function uses remap pfn range to map vmalloc framebuffer pages to userspace without setting...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a use-after-free issue for dynamic ftraceops. KASAN reported a use-after-free with ftrace ops 1. It was discovered that perf had registered two ops with the same content, both being dynamic. After unregistering t...