10 matches found
CVE-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output
An information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component writes the full contents of requests and responses to the logs at the DEBUG log level. By default, the log level is set to INFO. If the DEBUG level is enabled, the sensitive information wi...
PT-2025-30359 · Unknown · Haxcms-Nodejs
Name of the Vulnerable Software and Affected Versions: HAX CMS NodeJS versions 11.0.9 and below Description: HAX CMS NodeJS is distributed with hardcoded default credentials for user and superuser accounts and default private keys for JWTs. Users are not prompted to change these credentials or...
ClamAV
RISK EVALUATION ClamAV is an open source antivirus maintained by Cisco. A heap-based buffer overflow vulnerability in the PDF scanning process of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service or possibly execute arbitrary code. 2. RECOMMENDED PRACTICES...
Intel® QAT Software Advisory
Summary: A potential security vulnerability for some Intel® QuickAssist Technology (Intel® QAT) software for Windows may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-39833 Description: Uncontrolle...
PT-2023-35126 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.92 Description: The issue is related to an incorrect offset calculation in the erofs/zmap.c file. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...
PT-2022-33540 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue concerns a potential security vulnerability related to an snprintf overflow in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations...
PT-2019-9039 · Yandex · Clickhouse
Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to 1.1.54388 Description: The issue allows for Cross Protocol Request Forgery Attacks due to the "remote" table function permitting arbitrary symbols in the user, password, and default database fields. Recommendation...
Debian DSA-680-1 : htdig - unsanitised input
Michael Krax discovered a cross site scripting vulnerability in ht://dig, a web search system for an intranet or small internet. © Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-680. The te...
DSA-562-2 mysql - several vulnerabilities
Bulletin has no description...
[SECURITY] [DSA 165-1] New PostgreSQL packages fix several vulnerabilities
Debian Security Advisory DSA 165-1 [email protected] http://www.debian.org/security/ Martin Schulze September 12th, 2002 http://www.debian.org/security/faq -...