5501 matches found
MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞
MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...
CVE-2026-46089
zram: do not forget to endio for partial discard requests...
CVE-2026-45892
ext4: drop extent cache after doing PARTIALVALID1 zeroout...
PT-2026-43725
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O. A potential for stale data occur...
PT-2026-43626
Summary Context.spawn in liquidjs creates a child Context for the % render % tag but does not propagate the parent context's resolved ownPropertyOnly value. The new context re-derives ownPropertyOnly from opts.ownPropertyOnly the instance-level option, silently discarding any...
CVE-2026-40034
gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...
UBUNTU-CVE-2026-40034
gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...
CVE-2026-40034
gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An attacker can inject arbitrary shell commands vi...
CVE-2026-40034
CVE-2026-40034 affects gix-submodule (gitoxide) prior to 0.82.0. The vulnerability arises because update in .gitmodules is not properly validated, allowing an attacker who has initialized a submodule with partial configuration in .git/config to bypass the CommandForbiddenInModulesConfiguration gu...
CVE-2026-40034 gitoxide - Command Injection via Partial .gitmodules Override in gix-submodule
gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An attacker can inject arbitrary shell commands vi...
SEED: Semi-Supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDget
Machine learning based malware detectors become obsolete over time due to concept drift in benign and malware applications. Recent methods rely on fully labeled data and use hierarchical contrastive loss HCL with active learning to improve robustness against drift by exploiting semantic structure...
Security Bulletin: IBM Rational® Application Developer for WebSphere® Software is vulnerable to a remote attack to take over Java SE
Summary IBM® SDK, Java™ Technology Edition, is used by IBM Rational® Application Developer for WebSphere® Software as the runtime and development kit. CVE-2025-50106 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with netwo...
Incorrect Authorization
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Incorrect Authorization. When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially...
CVE-2026-39828
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
UBUNTU-CVE-2026-39828
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
CVE-2026-39828
CVE-2026-39828 affects the SSH handling in golang.org/x/crypto/ssh. When an SSH server authentication callback returns PartialSuccessError with non-nil Permissions, the permissions are discarded, potentially bypassing certificate restrictions (e.g., force-command) after 2FA. Returning non-nil Per...
CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
CVE-2026-39828
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...
EUVD-2026-31394
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...