KLA90970 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause...

PT-2026-31025

Name of the Vulnerable Software and Affected Versions Flatpak versions prior to 1.16.4 Description Flatpak, a Linux application sandboxing and distribution framework, contained a flaw where the caching mechanism for ld.so did not adequately verify that an application-controlled path to an outdate...

EUVD-2026-18360

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function updatepcdb of the file /setup.cgi. The manipulation of the argument macpcdba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...

FreeBSD : chromium -- security fixes (1dc2aae1-0793-4dbd-8548-e63ae0e1bdaf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1dc2aae1-0793-4dbd-8548-e63ae0e1bdaf advisory. Chrome Releases reports: This update includes 21 security fixes: Tenable has extracted the...

M-Files Server 安全漏洞

The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.3 contained security vulnerabilities. These vulnerabilities stemmed from an outdated connection method used in the document collaborative editing feature, which allowed for...

Amazon Linux 2 : python, --advisory ALAS2-2026-3218 (ALAS-2026-3218)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3218 advisory. The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |=...

PT-2026-28790

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has be...

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting out-of-date iOS software,...

CVE-2026-4182

A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack...

CVE-2025-55277

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

PT-2026-28302

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The application is susceptible to exploitation due to the use of vulnerable or outdated versions of software components. An attacker may leverage publicly available exploits to...

EUVD-2026-14260

A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirectcountdownpage of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This...

CVE-2025-67260

The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack...

Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2026-3195 (ALAS-2026-3195)

The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3195 advisory. libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of proper RCU protection in /proc/net/ptype. This vulnerability may lead to the reading ...

TencentOS Server 2: python3 (TSSA-2026:0176)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0176 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

CVE-2025-23143 affecting package kernel for versions less than 5.15.200.1-1

CVE-2025-23143 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-40164 affecting package kernel for versions less than 5.15.200.1-1

CVE-2025-40164 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...