CVE-2025-9559

Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data...

CVE-2025-44824

Nagios Log Server prior to 2024R1.3.2 is affected by CVE-2025-44824. An authenticated user with read-only API access can call /nagioslogserver/index.php/api/system/stop?subsystem=elasticsearch to stop Elasticsearch. The API reportedly returns could not stop elasticsearch, yet the service stops, e...

Mobility 只读API 安全漏洞

NetMotion Mobility is a mobile VPN software from NetMotion, Inc. It is used to securely extend enterprise networks to mobile environments. A security vulnerability exists in Mobility's read-only API, which stems from access control incorrectly validating user access rights. An attacker could...

Red Hat libvirt Security Bypass Vulnerability

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security bypass vulnerability exists in Red Hat libvirt 4.8...