EUVD-2026-23178

Eaton Intelligent Power Protector IPP is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of Eaton IPP software which is available on th...

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

CVE-2026-22617

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

CVE-2026-22617

Eaton IPP (Intelligent Power Protector) is affected by an insecure cookie configuration that could let a network‑based attacker intercept cookies and perform a man‑in‑the‑middle attack. The description is consistent across multiple sources (NVD, Red Hat, ENISA EUVD, CNNVD, CVE lists, AttackersKB)...

CVE-2026-24749 - DBFile permission bypass

More info at https://www.silverstripe.org/download/security-releases/cve-2026-24749...

Incorrect Authorization

Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to Incorrect Authorization in the Domains.add process. An attacker can bypass domain quota restrictions and exhaust another admin's quota by specifying an arbitrary adminid parameter whe...

MLDAS: Machine Learning Dynamic Algorithm Selection for Software-Defined Networking Security

Network security is a critical concern in the digital landscape of today, with users demanding secure browsing experiences and protection of their personal data. This study explores the dynamic integration of Machine Learning ML algorithms with Software-Defined Networking SDN controllers to enhan...

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime...

PT-2026-33361

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description An issue exists in the MCP adapter due to unsafe serialization of stdio commands, allowing an authenticated attacker to achieve command execution on the underlying operating system. The flaw is locat...

fio 安全漏洞

Fio is a flexible I/O testing software developed by Jens Axboe as an individual project. Version 3.41 of Fio contains a security vulnerability. This vulnerability stems from a null pointer dereferencing during the parsing of job files that contain the fdppli option. It may lead to segmentation...

WAGO Smart Designer 安全漏洞

WAGO Smart Designer is a engineering design software developed by the German company WAGO. Versions of WAGO Smart Designer 2.33.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the ability of certain endpoints to allow iterative requests, which may lead to the...

Simopro WinMatrix 安全漏洞

Simopro WinMatrix is an industrial control software developed by Simopro Company in Taiwan, China. Simopro WinMatrix has a security vulnerability that stems from the lack of authentication, which may allow for the execution of arbitrary code...

PT-2026-33259

Eaton Intelligent Power Protector IPP uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on t...

.NET 9.0 security update

9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389...

CVE-2026-40245 Free5GC: UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability in the UDR Unified Data Repository service. The handler for GET /nudr-dr/v2/application-data/influenceData/subs-to-notify sends a...

DEBIAN-CVE-2026-6301

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6384

GIMP contains a buffer overflow in the GIF image loading component’s ReadJeffsImage function. Processing a specially crafted GIF can cause writes beyond the allocated buffer, leading to denial of service and potentially arbitrary code execution. Affected software: GIMP (GIF image processing). Und...

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting XSS attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...