BIT-NATS-2026-33216 NATS has MQTT plaintext password disclosure

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement JWT and exposed via monitoring...

SUSE-SU-2025:21194-1 Security update for keylime

This update for keylime fixes the following issues: Update to version 7.13.0+40. Security issues fixed: - CVE-2025-13609: possible agent identity takeover due to registrar allowing the registration of agents with duplicate UUIDs bsc1254199. - CVE-2025-1057: registrar denial-of-service due to...

EUVD-2023-1049

Malicious code in bioql PyPI...

Misskey Authorization Issues Vulnerabilities

Misskey is a suite of micro-blogging platforms. An authorization issue vulnerability exists in Misskey versions prior to 2023.12.1, which stems from the ability to access certain endpoints or websocket APIs designated as secure or safe and perform actions such as reading or adding public content...

CVE-2022-3294 Node address isn't always verified when proxying

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

CVE-2022-3294 Node address isn't always verified when proxying

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to...

PT-2022-5810 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the management web server of Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker with high...

chisel - A fast TCP tunnel over HTTP

Chisel is a fast TCP tunnel, transported over HTTP. Single executable including both client and server. Written in Go Golang. Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network. Chisel is very similar to crowbar though...

Mandriva Linux Security Advisory : krb5 (MDVSA-2008:069)

Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code CVE-2007-5901, CVE-2007-5971. A flaw was...