Pterodactyl 代码问题漏洞

Pterodactyl is an open source game server administration panel built using PHP, Nodejs and Go. A code issue vulnerability exists in Pterodactyl version 1.11.11 and earlier that stems from an active SFTP connection not being revoked when a user is removed from a server instance or their SFTP file...

PT-2026-20317

Name of the Vulnerable Software and Affected Versions Apache Tomcat Native versions 1.3.0 through 1.3.4 Apache Tomcat Native versions 2.0.0 through 2.0.11 Apache Tomcat versions 11.0.0-M1 through 11.0.17 Apache Tomcat versions 10.1.0-M7 through 10.1.51 Apache Tomcat versions 9.0.83 through 9.0.11...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

UBUNTU-CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

Linux Distros Unpatched Vulnerability : CVE-2025-67108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. CVE-2025-67108...

PT-2025-52764

Name of the Vulnerable Software and Affected Versions eProsima Fast-DDS version 3.3 Description The software contains improper validation for ticket revocation, which can lead to insecure communications and connections. Recommendations At the moment, there is no information about a newer version...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

Fast-DDS 安全漏洞

Fast-DDS is a complete DDS open source by eProsima. A security vulnerability exists in Fast-DDS version 3.3 that stems from improper ticket revocation validation and could lead to insecure communication...

CVE-2025-67108

CVE-2025-67108 affects eProsima Fast-DDS v3.3. The issue is improper validation for ticket revocation, causing insecure communications and connections. Impact is described as high confidentiality/integrity risk with network-based access and no user interaction. Several connected sources corrobora...

SUSE CVE-2025-66406

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...

EUVD-2025-203404

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A hardcoded Flickr API key and secret are present in the publicly accessible Flickr Zimlet used by Zimbra Collaboration. Because these credentials are embedded directly in the Zimlet, any unauthorized party could retrieve them and...

PYSEC-2025-110

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as isactive=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected...

CVE-2025-65430

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as isactive=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected...

CVE-2025-65430

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as isactive=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected...

CVE-2025-65430

An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as isactive=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected...

Ubuntu 22.04 LTS : OpenStack Keystone vulnerabilities (USN-7926-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7926-1 advisory. Kay discovered that OpenStack Keystone incorrectly handled the ec2tokens and s3tokens APIs. A remote attacker could possibly use this issue to obtain...