7086 matches found
abrt security update
An update is available for abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Automatic Bug Reporting Tool ABRT recognizes defects in applications and...
PT-2026-42559
Concrete CMS 9.5.0 and below is vulnerable to IDOR. The /ccm/frontend/conversations/message detail endpoint returns the full content of any conversation message. An unauthenticated attacker can enumerate all conversation messages, including messages from restricted pages, member-only areas, and t...
securite-des-reseaux-informatiques
Sécurité des Réseaux Informatiques d'Entreprise - Projet Pytho...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsDebug is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: airoha: Fixed the qid issue in the airohatcgethtbgetleafqueue routine. Fixed the following kernel warnings when deleting HTB offloaded leafs and/or root HTB qdisc in the airohaeth driver: The HTB qdisc properly reports qi...
Detecting Offensive Cyber Agents: A Detection-In-Depth Approach
Artificial Intelligence AI agents can now orchestrate cyberattacks. This development is already increasing the speed and scale of cyber attacks, decreasing attack costs, and improving the operational autonomy of cyber capabilities. To defend against these emerging threats, actors must first devel...
cisco-hypershield
Ansible Collection: stevefulme1.ciscohypershield Ansible Col...
kernel: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit()
A flaw was found in the Linux kernel PCI/AER Advanced Error Reporting subsystem. When platform firmware reports error information via the ACPI APEI GHES mechanism for a device that does not advertise an AER capability, dev-aerinfo remains NULL. The function aerratelimit does not check for this...
Kieback & Peter DDC Building Controllers
ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...
shadowstrike
⚡ ShadowStrike AI-Powered Advanced Security Testing Platf...
Exploit for CVE-2026-0265
CVE-2026-0265 Risk Checker for Palo Alto PAN-OS A Python script...
KonR
KonR Hierarchical multi-agent AI penetration testing system p...
AutoPentest-Framework
AutoPentest Framework A modular Automated Penetration Testing...
CVE-2026-21821
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...
CVE-2026-21821 HCL BigFix SCM Reporting is affected by vulnerabilities in jQuery
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...
CVE-2026-21821 HCL BigFix SCM Reporting is affected by vulnerabilities in jQuery
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...
CVE-2026-21821
The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...
DORA Compliance Cybersecurity Guide for Finance
DORA Compliance Cybersecurity: A Practical Guide for Financial Services Teams DORA compliance cybersecurity is now a board-level priority for banks, insurers, investment firms, payment providers, and the ICT providers that support them. The Digital Operational Resilience Act shifts the conversati...
Security Incentivization: An Empirical Study of How Micropayments Impact Code Security
Security often receives insufficient developer attention because it does not directly generate visible value, leading to underinvestment in practice. We evaluate a countermeasure by team-level incentives tied to measurable security improvements over time. Our semi-automated mechanism aggregates...
HCL BigFix SCM Reporting 安全漏洞
HCL BigFix SCM Reporting is a security configuration management reporting component developed by the Indian company HCL. HCL BigFix SCM Reporting has a security vulnerability that stems from the use of outdated and unsupported jQuery 1.x libraries. This vulnerability may increase the risk of...