10759 matches found
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of React Router
Summary Due to use of React Router, DevOps Test Performance and Rational Performance Tester contain a Open Redirect vulnerability, potentially enabling phishing or credential theft. Vulnerability Details CVEID:CVE-2025-68470 DESCRIPTION: React Router is a router for React. In versions 6.0.0 throu...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the glob npm package
Summary Due to use of the glob npm package, DevOps Test Performance and Rational Performance Tester contain a potential command injection vulnerability. Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior t...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Connect2id Nimbus JOSE + JWT library
Summary Due to use of the Connect2id Nimbus JOSE + JWT library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the npm semver package
Summary Due to use of the npm semver package, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Versions of the package semver before 7.5.2 are vulnerable to...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Node.js on-headers middleware
Summary Due to use of the Node.js on-headers middleware, DevOps Test Performance and Rational Performance Tester contain an Improper Handling of Unexpected Data Type vulnerability, potentially enabling header manipulation. Vulnerability Details CVEID:CVE-2025-7339 DESCRIPTION: on-headers is a...
CVE-2026-32184
Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...
Pyroscope 安全漏洞
Pyroscope is an open-source continuous performance analysis platform developed by Grafana. Vulnerabilities exist in versions prior to Pyroscope 1.15.2, 1.16.1, and 1.17.0. These vulnerabilities stem from improper configuration, potentially allowing attackers to extract the secretkey configuration...
PT-2026-33212
Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.26 Description An issue exists when parsing crafted multipart/form-data requests containing large preamble or epilogue sections. Two inefficient parsing paths can be abused: the parser handles leading CR...
Fedora 42 : webkitgtk (2026-36594550b0)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-36594550b0 advisory. Update to 2.52.1. Notable changes from 2.50 to 2.52: Make text look like in other browsers by blending in linear color space. Improved rendering...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit these vulnerabilities by having multiple Azure and Microsoft components fail to validate input adequately or process untrusted data insecurely, allowing an authorized attacker to increase privileges...
EUVD-2026-22565
Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...
CVE-2026-32184
Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...
CVE-2026-32184 Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability
...
CVE-2026-32184 Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability
...
CVE-2026-32184
CVE-2026-32184 concerns Microsoft High Performance Compute (HPC) Pack with an Elevation of Privilege vulnerability. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 7.8 (HIGH) where the attacker requires local access, low attack complexity and low privileges, with ...
Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability
Deserialization of untrusted data in Microsoft High Performance Compute Pack HPC allows an authorized attacker to elevate privileges locally...
Microsoft High Performance Compute Pack 代码问题漏洞
Microsoft High Performance Compute Pack is a high-performance computing solution provided by Microsoft Corporation in the United States. It is primarily used for creating and managing high-performance computing clusters. There are code-related vulnerabilities in the Microsoft High Performance...
[SECURITY] Fedora 43 Update: trafficserver-10.1.2-1.fc43
Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow server core
Summary Due to use of Undertow, DevOps Test Performance and Rational Performance Tester contain a potential improper input validation vulnerability. CVE-2025-12543 Vulnerability Details CVEID:CVE-2025-12543 DESCRIPTION: A flaw was found in the Undertow HTTP server core, which is used in WildFly,...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server component
Summary Due to use of the Undertow web server component, DevOps Test Performance and Rational Performance Tester contain a potential vulnerability that can cause a denial of service DoS. CVE-2024-3884 Vulnerability Details CVEID:CVE-2024-3884 DESCRIPTION: A flaw was found in Undertow that can cau...