136 matches found

OSV
added 3 days ago | 3 views

UBUNTU-CVE-2026-52844

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\secret.txt as outside /private/, but fileserver later resolves the same request path as private\secret.txt on disk. An unauthenticated remote client can bypass Caddy...

CVSS 7.5 | AI score 5.9 | EPSS 0.00396
Exploits: 0 | References: 2

OSV
added 3 days ago | 2 views

UBUNTU-CVE-2026-45692

Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In this case, a path authorized for one config object is accepted, but then resolves to a different...

CVSS 5.4 | AI score 5.8 | EPSS 0.00138
Exploits: 0 | References: 2

Microsoft Security Update
added 2026/05/12 5:00 p.m. | 40 views

2026-05 .NET 9.0.16 Security Update for x64 Server (KB5093448)

2026-05 .NET 9.0.16 Security Update for x64 Server KB5093448...

AI score 5.8
Exploits: 0

Debian CVE
added 2026/02/24 4:30 p.m. | 3 views

CVE-2026-27589

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the local caddy admin API (default listen 127.0.0.1:2019) exposes a state-changing POST /load endpoint that replaces the entire running configuration. When origin enforcement is not enabled (enforce_origin not...

CVSS 8.2 | AI score 5.2 | EPSS 0.00166
Exploits: 1

VulnCheck KEV
added 2026/02/17 12:00 a.m. | 3 views

VulnCheck KEV: CVE-2024-7694

ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, which can be used to execute arbitrary system commands on the server...

CVSS 7.2 | AI score 6.1 | EPSS 0.01807
In wild | Exploits: 0 | References: 2

Atlassian
added 2026/01/09 4:27 p.m. | 22 views

mXSS (mutation Cross-Site Scripting) dompurify Dependency in Jira Software Data Center and Server

This is a vulnerability in a non-Atlassian Jira dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity nesting-based mXSS (mutation Cross-Site Scripting) vulnerability was introduced in version 10.3.0 of Jira Software Data Center...

CVSS 10 | AI score 5.8 | EPSS 0.01093
Exploits: 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-14783

Malware in sbrugna...

CVSS 7.8 | AI score 7.3 | EPSS 0.00686
Exploits: 0 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-4125

Malware in sbrugna...

CVSS 7.2 | AI score 6.8 | EPSS 0.00458
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-4176

Malware in sbrugna...

CVSS 6 | AI score 6.5 | EPSS 0.0034
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:07 p.m. | 6 views

EUVD-2025-24439

Malicious code in bioql PyPI...

CVSS 6.8 | AI score 6.6 | EPSS 0.00153
Exploits: 0 | References: 1

Vulnrichment
added 2025/08/12 4:58 p.m. | 3 views

CVE-2025-20067

Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access...

CVSS 6.8 | AI score 6.6 | EPSS 0.00153
Exploits: 0 | References: 1

Cvelist
added 2025/08/12 4:58 p.m. | 9 views

CVE-2025-20067

Observable timing discrepancy in firmware for some Intel(R) CSME and Intel(R) SPS may allow a privileged user to potentially enable information disclosure via local access...

CVSS 6.8 | EPSS 0.00153
Exploits: 0 | References: 1

Positive Technologies
added 2025/08/12 12:00 a.m. | 8 views

PT-2025-32698

Name of the Vulnerable Software and Affected Versions: Intel(R) CSME and Intel(R) SPS (affected versions not specified). Description: An observable timing discrepancy in firmware may allow a privileged user to potentially enable information disclosure via local access. Recommendations: At the moment,...

CVSS 6.8 | AI score 5.4 | EPSS 0.00153
Exploits: 0 | References: 5

CNNVD
added 2025/08/12 12:00 a.m. | 1 views

Intel SPS and Intel CSME Security Vulnerability

Intel SPS and Intel CSME are both products of Intel Corporation (Intel), U.S.A. Intel SPS is a server platform service. Intel CSME is a converged security management engine. A security vulnerability exists in Intel SPS and Intel CSME that stems from an observable time difference that could lead to...

CVSS 6.8 | AI score 6.3 | EPSS 0.00153
Exploits: 0 | References: 3

Intel
added 2025/08/12 12:00 a.m. | 6 views

2025.3 IPU, Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Converged Security and Manageability Engine (CSME), Intel® Server Platform Services (Intel® SPS), Intel® Active Management Technology (AMT), and Intel® Standard Manageability may allow information disclosure or escalation of privilege. Intel is...

CVSS 7.2 | AI score 7.5 | EPSS 0.0031
Exploits: 0

RedhatCVE
added 2025/05/22 5:17 p.m. | 7 views

CVE-2020-0545

Integer overflow in subsystem for Intel(R) CSME versions before 11.8.77, 11.12.77, 11.22.77 and Intel(R) TXE versions before 3.1.75, 4.0.25 and Intel(R) Server Platform Services (SPS) versions before SPSE504.01.04.380.0, SPSSoC-X04.00.04.128.0, SPSSoC-A04.00.04.211.0, SPSE304.01.04.109.0,...

CVSS 4.4 | AI score 5.7 | EPSS 0.00391
Exploits: 0 | References: 1

BDU FSTEC
added 2025/02/27 12:00 a.m. | 4 views

The vulnerability of the microprogramming software for Intel Server Platform Services (SPS) chipsets like Intel C740, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of the microprogramming software in Intel Server Platform Services (SPS) chipsets of the Intel C740 is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS 2.3 | AI score 5.5 | EPSS 0.00204
Exploits: 0 | References: 2

CNNVD
added 2025/02/12 12:00 a.m. | 3 views

Intel SPS Input Validation Error Vulnerability

Intel SPS is a server platform service from Intel Corporation USA. An input validation error vulnerability exists in versions prior to Intel SPS SPSE506.01.04.059.0, which stems from improper input validation and results in a local denial of service...

CVSS 4.6 | AI score 6.4 | EPSS 0.00204
Exploits: 0 | References: 1

BDU FSTEC
added 2024/05/31 12:00 a.m. | 4 views

The vulnerability of software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP platform lies in the insufficient protection of operational data, which allows attackers to disclose confidential information.

The vulnerabilities of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server are related to insufficient protection of operational data. Exploiting these vulnerabilities can allow attackers to disclose sensitive information...

CVSS 5.3 | AI score 5.9 | EPSS 0.0036
Exploits: 0 | References: 4

CNNVD
added 2024/03/14 12:00 a.m. | 3 views

Intel SPS Resource Management Error Vulnerability

Intel SPS is a server platform service from Intel Corporation USA. Intel SPS suffers from a resource management error vulnerability that originates from allowing a privileged user to implement a denial of service via network access. Affected Products and Versions: Intel SPS SPSE504.04.04.500.0 pri...

CVSS 6.8 | AI score 6.6 | EPSS 0.00516
Exploits: 0 | References: 3