
18 matches found

Debian
added 2026/04/13 8:41 p.m., 4 views

[SECURITY] [DSA 6209-1] xdg-dbus-proxy security update

Debian Security Advisory DSA-6209-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 13, 2026 https://www.debian.org/security/faq -...

6.8 CVSS, 5.7 AI score, 0.00008 EPSS
Exploits: 0

NVD
added 2026/03/16 6:16 p.m., 0 views

CVE-2026-4253

A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...

7.2 CVSS, 0.00441 EPSS
Exploits: 1, References: 5

Cvelist
added 2026/03/16 5:2 p.m., 23 views

CVE-2026-4253 Tenda AC8 Web UploadCfg route_set_user_policy_rule os command injection

A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...

5.8 CVSS, 0.00441 EPSS
Exploits: 1, References: 5

OSV
added 2026/02/24 3:40 p.m., 1 views

GHSA-8JVJ-P28H-9GM7 ImageMagick: Policy bypass through path traversal allows reading restricted content despite secured policy

ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be bypassed by a path traversal. The OS resolves the traversal and opens the sensitive file, but the policy matcher only sees the unnormalized...

8.6 CVSS, 5.6 AI score, 0.00018 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2026/01/07 9:51 a.m., 7 views

CVE-2013-6077

Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions...

5.8 CVSS, 7 AI score, 0.00151 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-2923

Malicious code in bioql PyPI...

8.7 CVSS, 7.9 AI score, 0.00305 EPSS
Exploits: 0, References: 5

RedhatCVE
added 2025/05/23 10:35 a.m., 4 views

CVE-2024-47825

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

8.7 CVSS, 8.6 AI score, 0.00305 EPSS
Exploits: 0

OSV
added 2024/10/23 7:10 a.m., 8 views

BIT-HUBBLE-RELAY-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

8.7 CVSS, 6 AI score, 0.00305 EPSS
Exploits: 0, References: 2

OSV
added 2024/10/23 7:8 a.m., 10 views

BIT-CILIUM-OPERATOR-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

8.7 CVSS, 6 AI score, 0.00305 EPSS
Exploits: 0, References: 2

Vulnrichment
added 2024/10/21 7:5 p.m., 26 views

CVE-2024-47825 CIDR deny policies may not take effect when a more narrow CIDR allow is present

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

4 CVSS, 6.9 AI score, 0.00305 EPSS
Exploits: 0, References: 1

CVE
added 2024/10/21 7:5 p.m., 293 views

CVE-2024-47825

CVE-2024-47825 affects Cilium's policy evaluation in versions prior to 1.14.16 and 1.15.10, where a rule denying a wide CIDR (> /32) could be ignored if a narrower rule references CIDRSet or toFQDN and uses enableDefaultDeny: false or toEntities: all. The issue is mitigated by upgrading to Cil...

8.7 CVSS, 4.4 AI score, 0.00305 EPSS
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2024/10/21 7:3 p.m., 10 views

GHSA-3WWX-63FV-PFQ6 Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present

Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix CIDRSet or toFQDN and - This narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all Note that a rule specifying toEntities: world...

4 CVSS, 6 AI score, 0.00305 EPSS
Exploits: 0, References: 5

Palo Alto Networks
added 2024/09/26 8:15 p.m., 28 views

Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products

The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-47076, CVE-2024-47177, CVE-2024-47175, and CVE-2024-47176 in the Common UNIX Printing System (CUPS) as they relate to our products. Based on current information, Palo Alto Networks products and cloud services do not conta...

9 CVSS, 6.3 AI score, 0.87593 EPSS
Exploits: 17, References: 1

Rapid7 Blog
added 2021/10/12 1:0 p.m., 26 views

Have You Checked the New Kubernetes RBAC Swiss Army Knife?

Kubernetes Role-Based Access Control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within your organization. RBAC authorization uses the rbac.authorization.k8s.io API group to drive authorization decisions, allowing you to dynamicall...

6.9 AI score
Exploits: 0

Microsoft KB
added 2018/05/02 12:0 a.m., 3 views

March 22, 2018—KB4089848 (OS Build 16299.334)

March 22, 2018—KB4089848 (OS Build 16299.334) Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue with a GDI handle leak in the Windows Ribbon control. Addresses issue where user...

7.2 AI score
Exploits: 0

OpenVAS
added 2016/09/22 12:0 a.m., 15 views

Cisco FireSIGHT System Software SSL Inspection Bypass Vulnerability

A vulnerability in SSL inspection for Cisco FireSIGHT System software could allow an unauthenticated, remote attacker to bypass configured do-not-decrypt rules in the SSL policy rule set.

7.5 CVSS, 7.7 AI score, 0.00206 EPSS
Exploits: 0, References: 1

NVD
added 2013/11/05 6:55 p.m., 12 views

CVE-2013-6077

Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions...

5.8 CVSS, 6.7 AI score, 0.00151 EPSS
Exploits: 0, References: 2

Cvelist
added 2013/11/05 6:0 p.m., 16 views

CVE-2013-6077

Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions...

6.7 AI score, 0.00151 EPSS
Exploits: 0, References: 2