815 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-6219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoure...
CVE-2025-57749 n8n has a symlink traversal vulnerability in "Read/Write File" node that allows access to restricted files
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the...
Linux Distros Unpatched Vulnerability : CVE-2018-6138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extensi...
UBUNTU-CVE-2025-2498
An improper access control in GitLab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassing IP restrictions...
CVE-2025-2498
CVE-2025-2498 concerns GitLab EE with an improper access control that could allow users to view assigned issues from restricted groups by bypassing IP restrictions. Affected versions are GitLab EE from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2. The connected document...
KLA86379 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Gemini Live can be exploite...
Unspecified Vulnerability in Apple macOS (CNVD-2025-22273)
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to break through sandbox restrictions...
KLA85425 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1...
firefox: thunderbird: Incorrect parsing of URLs could have allowed embedding of youtube.com
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security...
KLA84380 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, perform cross-site scripting attack, spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1...
CVE-2024-1633
During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which is based on 32-bit unsigned integ...
CVE-2024-22026
A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance...
CVE-2023-24104
Ubiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets...
CVE-2022-4303
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based restrictions on login forms...
CVE-2018-20930
cPanel before 70.0.23 allows .htaccess restrictions bypass when Htaccess Optimization is enabled (SEC-401)...
CVE-2012-5966
The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command...
CVE-2005-2808
frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, which might allow attackers to bypass intended restrictions and access blocked hosts...
KLA83652 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Cross-site...
CVE-2025-1278
GitLab CE/EE contains CVE-2025-1278: an issue in which, under certain conditions, users could bypass IP access restrictions and view sensitive information. Affected versions are GitLab from 12.0 up to 17.9.8 (pre-17.9.8), 17.10 up to 17.10.6 (pre-17.10.6), and 17.11 up to 17.11.2 (pre-17.11.2). T...
Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a security restrictions bypass in Psf Requests [CVE-2024-35195]
Summary: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Psf Requests, caused by an incorrect control flow implementation vulnerability (CVE-2024-35195). Psf Requests is used in our Speech Service runtimes. This vulnerability has been addressed. Please read t...