Claude HUD 安全漏洞

Claude HUD is a Claude Code plugin developed by Jarrod Watts, which displays context usage, tool states, and progress. Versions of Claude HUD prior to 0.0.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of raw cwd and branchUrl values to construct OSC 8 terminal...

CVE-2026-23944

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled...

CVE-2026-23944

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled...

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the environment proxy middleware. An attacker can gain unauthorized access to and manipulate remote environment resources by sending unauthenticated requests that are proxied to remote...

CVE-2026-23944 Arcane allows unauthenticated proxy access to remote environments

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled...

CVE-2026-23944

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled...

PT-2026-3510

Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.13.2 Description Arcane, an interface for managing Docker containers, images, networks, and volumes, had a flaw where unauthenticated requests could be forwarded to remote environment agents, granting access to remot...

CVE-2025-55077

Tyler Technologies ERP Pro 9 SaaS is affected by CVE-2025-55077, where an authenticated user can escape the application and run limited operating system commands in the remote Windows environment with their own privileges. The available sources describe the vulnerability without explicit technica...

Mitigate Ransomware in a Remote-First World

Ransomware has been a thorn in the side of cybersecurity teams for years. With the move to remote and hybrid work, this insidious threat has become even more of a challenge for organizations everywhere. 2021 was a case study in ransomware due to the wide variety of attacks, significant financial...

Talos Incident Response announces new, lower price through July 25

Today’s world looks very different than three months ago. More people work remotely than ever before. IT teams work around the clock to expand capacity and new software and services are being deployed to handle the load. Within this new remote environment, we have seen new malware families and...

CVE-2018-1000857

log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This attack appear to be exploitable via Malicious unprivileged user executes the vulnerable binary/remot...

Remotely Dump Linux RAM: LiMEaide

LiMEaide is a python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host. I hope that this will simplify Linux digital forensics in a remote environment. In order to use LiMEaide all you need to do is feed a remote Linu...

SAP Sybase SQL Anywhere OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 SAP Sybase SQL Anywhere是一套全面的解决方案,它提供了数据管理、同步和数据交换技术,可快速在远程和移动环境中开发并配置数据库驱动的应用程序。 SAP Sybase SQL Anywhere所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 SAP Sybase SQL Anywhere 12.x SAP Sybase SQL Anywhere 16.x SAP Sybase SQL...