CVE-2026-13325

The CVE-2026-13325 issue affects KubeVirt’s migration proxy. When spec.configuration.migrations.disableTLS is set to true, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no authentication, peer allow-list, or handshake token. This listener ...

SAP NetWeaver ABAP Platform 安全漏洞

SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from improper validation of RFC protocols. This vulnerability allows unauthorized attackers to send specially crafted...

CVE-2026-21404

NAVTOR NavBox (versions up to 4.16.1.20) contains hard-coded credentials in its Windows Communication Foundation (SOAP) implementation. When SOAP is enabled, a local attacker can extract credentials and bypass the intended transfer workflow. Successful authentication to the SOAP interface grants ...

EUVD-2026-23270

An issue in the Bluetooth Low Energy BLE control interface of the Yamaha SR-B30A sound bar firmware 2.40 Mobile App: Sound Bar Remote / version: 2.40 allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol...

CVE-2026-37100

An issue in the Bluetooth Low Energy BLE control interface of the Yamaha SR-B30A sound bar firmware 2.40 Mobile App: Sound Bar Remote / version: 2.40 allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol...

CVE-2026-5344

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mtuploadImage of the file rpc/TXPRPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the...

NewStart CGSL MAIN 6.06 (SP) : p11-kit Multiple Vulnerabilities (NS-SA-2026-0024)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has p11-kit packages installed that are affected by multiple vulnerabilities: - An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit...

CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

EUVD-2021-20434

Malware in sbrugna...

EUVD-2022-27081

Malicious code in bioql PyPI...

EUVD-2024-28011

Malicious code in bioql PyPI...

EUVD-2022-27080

Malicious code in bioql PyPI...

EUVD-2022-27069

Malicious code in bioql PyPI...

RLSA-2025:10635 Moderate: gnome-remote-desktop security update

GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment. Security Fixes: gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs CVE-2025-5024 For more details about the security issues, including the impact, a CVSS score,...

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

git: Git arbitrary file writes

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles,...

gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer bei...

CVE-2020-11628

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols CMP, ACME, REST, etc. through the system configuration. These restrictions can be bypassed by modifying the URI string from a client. EJBCA's internal acces...

Linux Distros Unpatched Vulnerability : CVE-2020-1472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the...

SUSE CVE-2016-0788

The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener...