CVE-2026-52935

A flaw was found in the Linux kernel. The espintcp component, responsible for handling encrypted network traffic, incorrectly reuses a partial data transmission state. This can lead to an out-of-bounds read, which may allow an attacker to access sensitive information or cause other memory...

PT-2026-39666

Name of the Vulnerable Software and Affected Versions urllib3 versions 2.6.0 through 2.6.x Description An issue exists in the streaming API where the library may decompress an entire HTTP response instead of the requested portion. This occurs in two scenarios: during the second...

CVE-2026-34294

Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...

CVE-2026-0510

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

CVE-2026-0510 Obsolete Encryption Algorithm Used in NW AS Java UME User Mapping

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

SAP NetWeaver 加密问题漏洞

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform primarily provides a development and runtime environment for SAP applications. SAP NetWeaver is vulnerable to a cryptographic issue that arises from the use of outdated encryption...

CVE-2021-31156

Allied Telesis AT-S115 1.2.0 devices before 1.00.024 with Boot Loader 1.00.006 allow Directory Traversal to achieve partial access to data...

EUVD-2025-200134

Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allows local attacker to access partial data in sandbox...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other functions. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987512 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

CVE-2025-51667

An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations...

Linux Distros Unpatched Vulnerability : CVE-2023-52527

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata Including the transhdrlen in length is a problem when the packet is partially filled e.g. something...

Oracle PeopleSoft 安全漏洞

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle Corporation USA. The product provides human capital management, financial management, vendor relationship management, and other functions. A security vulnerability exists in Oracle PeopleSoft's PeopleSoft...

CVE-2024-8929

...

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

CVE-2024-5956

The entry CVE-2024-5956 affects Trellix IPS Manager. PT-2024-37269 identifies Trellix IPS Manager version 11.1.7.97 as vulnerable and states that unauthenticated remote attackers can bypass authentication to access partial data and receive garbage data in responses. The description implies a bypa...

PT-2024-37269 · Trellix · Trellix Ips Manager

Name of the Vulnerable Software and Affected Versions: Trellix IPS Manager version 11.1.7.97 Description: This issue allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response. Recommendations:...