CVE-2026-25607

Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version 9.5...

Exploit for Use of Uninitialized Resource in Microsoft

No d...

SUSE CVE-2025-43023

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA...

Apache CXF 安全漏洞

Apache CXF is an open-source web service framework developed by the Apache Foundation in the United States. This framework supports various web service standards and multiple front-end programming APIs. There are security vulnerabilities in Apache CXF; these vulnerabilities arise from incomplete...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.1 contained security vulnerabilities; these vulnerabilities were due to insufficient session expiration time, which could lead to session reuse...

PT-2026-42743

Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version 9.5...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the insertion of sensitive information into log files, which could lead to resource leaks...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of default passwords, which could allow attempts using common or default usernames and passwords...

PT-2026-42754

Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

CIOP-PIB STER SQL注入漏洞

CIOP-PIB STER is a occupational safety and human factors risk assessment software system developed by the Polish company CIOP-PIB. Versions of CIOP-PIB STER prior to version 9.5 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of multiple search filter...

Unity Linux 20.1050e / 20.1070e Security Update: LibRaw (UTSA-2026-016597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016597 advisory. Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in...

Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from unprotected credential transmission, which could lead to sniffing attacks...

CIOP-PIB STER 安全漏洞

CIOP-PIB STER is a occupational safety and human ergonomics risk assessment software system developed by the Polish company CIOP-PIB. Versions of CIOP-PIB STER prior to version 9.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of weak password encoding algorithms,...

CVE-2025-45145

Directory traversal in Follett Software's Destiny Library Manager 2202rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...

PT-2026-42763

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An issue in syslink software AG Avantra on Linux and Windows allows the use of common or default usernames and passwords to gain unauthorized access. Recommendations Update to version 25.3.0 or late...

Unity Linux 20.1070e Security Update: HikariCP (UTSA-2026-016726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016726 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Linux Distros Unpatched Vulnerability : CVE-2026-8949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

Division by zero

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

EUVD-2026-30420

Cleartext storage of HMAC signing key in Amazon SageMaker Python SDK ModelBuilder/Serve path...

RLSA-2026:1381 Moderate: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: golang:...