64486 matches found
CVE-2026-31981
A stored HTML injection vulnerability affects the Diagram tab and Graph view of Guardian/CMC (N2OS) prior to 26.2.0. An authenticated administrator can inject HTML into configuration data via multiple input vectors; when viewed by others, the HTML may render and enable phishing or open redirects....
CVE-2026-57030
creationtimestamp| type| source ---|---|--- 2026-07-09 04:47:34+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260709 2026-07-09 16:45:13+00:00| seen|...
CVE-2026-57025
creationtimestamp| type| source ---|---|--- 2026-07-09 04:47:21+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260709...
CVE-2026-57023
creationtimestamp| type| source ---|---|--- 2026-07-09 04:47:16+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260709 2026-07-09 16:45:08+00:00| seen|...
CVE-2026-57021
creationtimestamp| type| source ---|---|--- 2026-07-09 04:47:11+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260709 2026-07-10 00:25:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116892835042309852...
CVE-2026-33800
creationtimestamp| type| source ---|---|--- 2026-07-09 04:46:44+00:00| seen| https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260709 2026-07-09 16:45:26+00:00| seen|...
Critical Photon OS Security Update - PHSA-2026-4.0-1054
Updates of 'linux' packages of Photon OS have been released...
PT-2026-56975
Name of the Vulnerable Software and Affected Versions Junos OS on SRX Series versions prior to 23.2R2-S7 Junos OS on SRX Series versions prior to 23.4R2-S8 Junos OS on SRX Series versions prior to 24.2R2-S4 Junos OS on SRX Series versions prior to 24.4R2-S4 Junos OS on SRX Series versions prior t...
Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticat...
Photon OS 5.0: Linux PHSA-2026-5.0-0916
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0916. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security update for openQA, os-autoinst (moderate)
openSUSE Security Update: Security update for openQA, os-autoinst Announcement ID: openSUSE-SU-2026:0235-1 Rating: moderate References: 1244139 1245378 1245379 1257852 1258632 1259005 1264376 Cross-References: CVE-2026-25547 CVSS scores: CVE-2026-25547 SUSE: 7.5...
CVE-2026-0288
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
EUVD-2026-42388
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
CVE-2026-60102 Horde VFS < 3.0.1 OS Command Injection via Horde_Vfs_Smb Driver
Horde Virtual File System VFS API before 3.0.1 contains an OS command injection vulnerability in the HordeVfsSmb driver where the escapeShellCommand method fails to sanitize command substitution sequences, allowing authenticated attackers to inject arbitrary shell commands through user-controlled...
CVE-2026-60102
The vulnerability is in Horde VFS API before 3.0.1, specifically the Horde_Vfs_Smb driver. The _escapeShellCommand() function fails to sanitize command substitution, allowing authenticated attackers to inject arbitrary shell commands via user-controlled filenames. Malicious filenames containing u...
Malicious code in @luminarycloudinternal/frodo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ed68e675b2b6cde30e6b7c8e34077eda805a4bde64ca7cd2c68c6f4370ee5f Package published under a scope shadowing internal Luminary Cloud packages @luminarycloudinternal at version 9999.0.1 — the canonical...
CVE-2026-59890 setuptools: MANIFEST.in exclusion bypass in sdist via Unicode normalization collision (NFC/NFD) on macOS APFS/HFS+
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. Prior to 83.0.0, FileList applied MANIFEST.in exclude, global-exclude, recursive-exclude, and prune directives by matching compiled glob patterns against on-disk file names without Unico...
EUVD-2026-42316
On Unix systems, opening a file in an os.Root improperly follows symlinks to locations outside of the Root when the final path component of the a path is a symbolic link and the path ends in /. For example, 'root.Open"symlink/"' will open "symlink" even when "symlink" is a symbolic link pointing...
EUVD-2026-42291
An OS command injection vulnerability exists in the sub34984 function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The lanipv6prefixlen configuration parameter is not properly sanitized, which could allow an authenticated remo...
CVE-2026-15033
Technical details (affected product/version, root cause, exploit details, or remediation) are not publicly provided in the supplied documents; monitor for updates.