BIT-MONGODB-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

PT-2026-4693

In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4707

Name of the Vulnerable Software and Affected Versions ManagedServices affected versions not specified Description An issue exists in the setPackageOrComponentEnabled function of ManagedServices.java related to improper input validation. This can result in a notification policy desync, potentially...

PT-2026-4715

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild

Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild. The patch addresses a total of 107 security flaws spanning different components, including Framework, System, Kernel, as well as those...

EUVD-2025-37503

IdentityIQ 8.5, IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p4, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p6, and all prior versions allows some IdentityIQ web services that provide non-HTML content to be accessed via a URL path that will set the Content-Type to HTML allowing a...

EUVD-2016-1613

Malware in sbrugna...

EUVD-2024-33546

Malicious code in bioql PyPI...

BIT-LIBPHP-2020-7071 FILTER_VALIDATE_URL accepts URLs with invalid userinfo

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...

Android Security Bulletin—August 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2025-08-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Zimbra Collaboration Server < 8.7.11 Patch 11, 8.8 < 8.8.9 Patch 10, 8.8.10 < Patch 8, 8.8.11 < Patch 4

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilies: - Zimbra Collaboration Suite allows SSRF via the ProxyServlet component CVE-2019-9621 - Zimbra Collaboration Suite allows Blind SSRF in the Feed component. CVE-2019-6981 Note that...

CVE-2022-45435

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity...

Android Security Bulletin—March 2024Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2024-03-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Android Security Bulletin—November 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-11-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong dat...

Android Security Bulletin—February 2021Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2021-02-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

IBM QRadar SIEM 路径遍历漏洞

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A directory...

Android Security Bulletin—October 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2020-10-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Android Security Bulletin—September 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2020-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes kubelet that could result in the denial of service of a node CVE-2020-8557 Vulnerability Details CVEID: CVE-2020-8557 Description: Kubernetes kubelet is vulnerable to a denial of service, caused by an...