87 matches found

Tenable Nessus
added 2026/05/26 12:0 a.m., 8 views

TencentOS Server 3: python3.11 (TSSA-2026:0375)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0375 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS: 9.1, AI score: 7, EPSS: 0.00137
Exploits: 0, References: 3

NVD
added 2026/05/22 10:16 p.m., 5 views

CVE-2026-41074

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

CVSS: 7.1, EPSS: 0.00016
Exploits: 0, References: 2

CVE
added 2026/05/22 9:36 p.m., 29 views

CVE-2026-41076

RT authentication bypass via LDAP affects versions 5.0.9 and earlier and 6.0.0–6.0.2, where certain LDAP configurations allow login as any LDAP-backed RT user without valid credentials. The issue is fixed in RT 5.0.10 and 6.0.3. Recommended remediation: upgrade to the fixed versions; if upgrading...

CVSS: 8.1, AI score: 5.7, EPSS: 0.0007
Exploits: 0, References: 3

EUVD
added 2026/05/22 9:12 p.m., 7 views

EUVD-2026-31506

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00016
Exploits: 0, References: 2

Debian CVE
added 2026/05/22 9:12 p.m., 4 views

CVE-2026-41074

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00016
Exploits: 0

Cvelist
added 2026/05/22 9:12 p.m., 10 views

CVE-2026-41074 RT has broken CSRF protection for authenticated users

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery (CSRF) vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

CVSS: 7.1, EPSS: 0.00016
Exploits: 0, References: 2

AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel before version 6.0.3, the file drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the return value of drm_gem_shmem_get_sg_table. It expects the value to be NULL in the error case, but in reality, it is an error pointer...

CVSS: 5.5, AI score: 6.5, EPSS: 0.00021
Exploits: 0, References: 2

Positive Technologies
added 2026/03/03 12:0 a.m., 1 views

PT-2026-22742

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 before 4.2.29; Django versions 5.2 before 5.2.12; Django versions 6.0 before 6.0.3; Django versions 3.2.x and earlier; Django versions 4.1.x and earlier; Django versions 5.0.x and earlier. Description: A race condition exists in...

CVSS: 3.7, AI score: 5.9, EPSS: 0.0001
Exploits: 0, References: 21

Patchstack
added 2026/02/02 7:0 a.m., 6 views

WordPress Essential Addons for Elementor plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery Widget vulnerability discovered by zer0gh0st in WordPress Plugin Essential Addons for Elementor versions <= 6.0.3...

CVSS: 6.4, AI score: 5.9, EPSS: 0.00545
Exploits: 0, References: 1, Affected Software: 1

Tenable Nessus
added 2025/09/10 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-8654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This...

CVSS: 9.8, AI score: 5.5, EPSS: 0.00453
Exploits: 0, References: 2

VulnCheck KEV
added 2025/06/03 12:0 a.m., 1 views

VulnCheck KEV: CVE-2025-39475

Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion. This issue affects Arlo: from n/a through = 6.0.3...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00257
Exploits: 0, References: 1

RedhatCVE
added 2025/05/23 1:11 a.m., 4 views

CVE-2022-36037

kirby is a content management system (CMS) that adapts to many different projects and helps you build your own ideal interface. Cross-site scripting (XSS) is a type of vulnerability that allows execution of any kind of JavaScript code inside the Panel session of the same or other users. In the Panel,...

CVSS: 5.9, AI score: 6.1, EPSS: 0.00598
Exploits: 0

Patchstack
added 2024/11/19 8:7 p.m., 2 views

WordPress The Plus Addons for Elementor plugin <= 6.0.3 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates vulnerability

Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates vulnerability discovered by Ankit Patel in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions <= 6.0.3...

CVSS: 4.3, AI score: 6.7, EPSS: 0.00263
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2024/09/10 12:0 a.m., 3 views

MongoDB Server security vulnerability

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions v6.0 through 6.0.3 that stems from...

CVSS: 9.8, AI score: 6.3, EPSS: 0.00453
Exploits: 0, References: 2

OSV
added 2024/08/27 12:15 p.m., 0 views

UBUNTU-CVE-2024-8207

In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for an unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server...

CVSS: 6.7, AI score: 7.2, EPSS: 0.00086
Exploits: 0, References: 3

Circl
added 2024/07/07 2:57 a.m., 2 views

CVE-2024-40603

creationtimestamp | type | source
---|---|---
2024-07-07 02:57:28+00:00 | seen | https://t.me/cvedetector/156
2025-03-17 21:47:25+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7860
...

CVSS: 4.3, AI score: 4.8, EPSS: 0.00058
Exploits: 0, References: 2

CNNVD
added 2024/03/15 12:0 a.m., 2 views

IBM Sterling Secure Proxy cross-site scripting vulnerability

IBM Sterling Secure Proxy is an application proxy from International Business Machines (IBM) that is used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). A cross-site scripting vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0. An attacker...

CVSS: 6.1, AI score: 6.1, EPSS: 0.00151
Exploits: 0, References: 3

CNNVD
added 2024/03/15 12:0 a.m., 1 views

IBM Sterling Secure Proxy Security Vulnerability

IBM Sterling Secure Proxy is an application proxy from International Business Machines (IBM) used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems from a vulnerability...

CVSS: 5.9, AI score: 6.6, EPSS: 0.00053
Exploits: 0, References: 3

CNNVD
added 2024/03/15 12:0 a.m., 2 views

IBM Sterling Secure Proxy security vulnerability

IBM Sterling Secure Proxy is an application proxy from International Business Machines (IBM) that is used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). An information disclosure vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which...

CVSS: 4, AI score: 6, EPSS: 0.00027
Exploits: 0, References: 3

OSV
added 2023/09/05 12:15 a.m., 1 views

CVE-2023-32338

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00021
Exploits: 0, References: 4