25 matches found
CVE-2026-52908
A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access RDMA memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...
Improperly Implemented Security Check for Standard
Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...
Improperly Implemented Security Check for Standard
Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...
Improperly Implemented Security Check for Standard
Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...
Improper Authentication
Shopware is vulnerable to Improper Authentication. The vulnerability is due to insufficient validation and binding of shop installations to their original domains during app re-registration, which allows an attacker to hijack app communication and obtain API credentials intended for legitimate...
CVE-2026-43120
A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access irdma driver. This vulnerability, a double free, occurs during the re-registration of user memory regions. If an internal memory re-registration operation fails, the system attempts to free the same memory twice. This could...
User Impersonation
Overview shopware/platform is a Shopware e-commerce core. Affected versions of this package are vulnerable to User Impersonation in the app registration process. An attacker can gain unauthorized access to sensitive API credentials by exploiting the ability to update the shop-url during...
User Impersonation
Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to User Impersonation in the app registration process. An attacker can gain unauthorized access to sensitive API credentials by exploiting the ability to...
GHSA-C4P7-RWRG-PF6P Shopware vulnerable to a potential take over of app credentials
Summary We identified and fixed a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. By abusing app re‑registration, an attacker could redirect app traffic to an...
CVE-2026-31889 Shopware has a potential take over of app credentials
Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...
CVE-2026-31889
Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...
CVE-2026-31889 Shopware has a potential take over of app credentials
Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...
PT-2026-24795
Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...
Security update for keylime
This update for keylime fixes the following issues: CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:0217-1 Security update for keylime
This update for keylime fixes the following issues: - CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199...
EUVD-2004-2380
Malware in sbrugna...
The vulnerability of Elber Communications Equipment’s software products lies in their ability to bypass the authentication process by using an alternative path or channel. This allows attackers to circumvent the authentication procedures.
The vulnerability of Elber Communications Equipment’ software products relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process and re-register user credentials...
Migration of Android Devices registered via GCM to FCM
There is no automatic update from Azure Notification Hub or Google Push Notification Service to migrate Android clients from the FCM legacy protocol to the latest FCMv1 protocol. As a result, affected users will need to manually re-register their devices with NetScaler Gateway. Please refer to th...
How to re-register device profile on Citrix Cloud ADM for the Citrix cloud hosted Netscalers
How to re-register device profile on Citrix Cloud ADM for the Citrix cloud hosted Netscalers...
The vulnerability of the NPM package manager’s library `@npmcli/arborist` allows a attacker to re-record files by manipulating symbolic links.
The vulnerability of the NPM package manager’s library @npmcli/arborist is related to errors that occur when running the npm install --ignore-scripts command. Exploiting this vulnerability could allow an attacker to re-register files by manipulating symbolic links...