Cisco Finesse Remote File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

Cisco Secure Workload Unauthorized API Access Vulnerability

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...

Vulnerabilities that can be addressed in Adobe Connect

Adobe has identified vulnerabilities in Adobe Connect versions 2025.9.15, 2025.8.157, and earlier versions. These vulnerabilities allow attackers to execute arbitrary code on the affected system. This can occur when users interact with malicious URLs or compromised web pages. The first...

Intel Connectivity Performance Suite May 2026 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Connectivity Performance Suite software installers, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the...

Intel® Graphics Advisory

Summary: Potential security vulnerabilities for some Intel® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2026-20794 Description: Buffer overflow for the...

CVE-2026-28983

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause a denial of service...

CVE-2026-8092

Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ES...

Cisco Identity Services Engine Authentication Bypass Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow a remote attacker to bypass authorization mechanisms or examine error messages to gain access to sensitive information on an affected device. For more information about these vulnerabilities, see the Details "details"...

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service DoS condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator NSO, additional information has been made available to the Cisco Product Security Incident Response Team PSIRT. Upon...

Cisco IoT Field Network Director Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco IoT Field Network Director Software could allow an authenticated, remote attacker to access files, execute commands, and cause denial of service DoS conditions on managed routers. For more information about these...

Astra Linux - уязвимость в webkit2gtk

This issue has been resolved through improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; tvOS 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to memory corruption...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2026-122-03)

The version of mozilla-thunderbird installed on the remote host is prior to 140.10.1esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-122-03 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues...

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file syst...

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting XSS attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization...

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...