276237 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: pcs (UTSA-2026-005318)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005318 advisory. REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace...
PT-2026-7286
Name of the Vulnerable Software and Affected Versions IntelR OptaneTM PMem management software versions CR MGMT 01.00.00.3584, CR MGMT 02.00.00.4052, CR MGMT 03.00.00.0538 Description The software has default permissions that may allow a privilege escalation. An unprivileged software adversary wi...
Intel Optane PMem management software 代码问题漏洞
Intel Optane PMem management software is a persistent memory management software developed by Intel Corporation. Previous versions of Intel Optane PMem management software, such as CRMGMT02.00.00.4052 and CRMGMT03.00.00.0538, contained code vulnerabilities due to improper conditional checks, whic...
PT-2026-7217
An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data...
Intel Graphics Software 安全漏洞
Intel Graphics Software is a graphics configuration management tool developed by Intel, a company in the United States. Versions of Intel Graphics Software prior to 25.30.1702.0 contained security vulnerabilities, which were caused by insecure permission inheritance, potentially leading to...
Intel Optane PMem management software 安全漏洞
Intel Optane PMem management software is a persistent memory management software developed by Intel Corporation. Previous versions of Intel Optane PMem management software, such as CRMGMT01.00.00.3584, CRMGMT02.00.00.4052, and CRMGMT03.00.00.0538, contained security vulnerabilities. These...
PT-2026-7426
Name of the Vulnerable Software and Affected Versions Bridge versions 15.1.3 and 16.0.1 and earlier Description The software contains an out-of-bounds write issue that may allow for arbitrary code execution with the privileges of the current user. A user must open a specially crafted file to...
KLA90879 SUI vulnerability in Microsoft Server Software
A spoofing vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2026-21527 Exploitation Related products Microsoft-Exchange-Server CVE list CVE-2026-21527 high KB list 5074992 Solution Install necessa...
Siemens NX
SUMMARY Siemens NX is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in CGM format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially lead to...
GE Vernova Enervista UR Setup 安全漏洞
GE Vernova Enervista UR Setup is an interface configuration and management software for relay protection devices developed by GE Vernova in the United States. Versions of GE Vernova Enervista UR Setup prior to version 8.6 contained security vulnerabilities, which were due to a vulnerability relat...
VTune™ Profiler Software Advisory
Summary: A potential security vulnerability in some VTune™ Profiler software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20106 Description: Uncontrolled search path in some software install...
Intel® Graphics Advisory
Summary: Potential security vulnerabilities for some Intel® Graphics software may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-32092 Description: Insecure inherited...
CVE-2026-25939
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...
CVE-2026-25894
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is...
CVE-2026-25958
Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privilege escalation. This vulnerability is fixed in 1.5.13, 1.4.2, and 1.0.14...
CVE-2026-25895 FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. A path traversal vulnerability in FUXA allows an unauthenticated, remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This affects FUXA through version 1.2.9. This issue has been patched ...
CVE-2026-25893 FUXA Unauthenticated Remote Code Execution via Admin JWT Minting
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh API and execute arbitrary code on the server. This issue has...
CVE-2026-25893 FUXA Unauthenticated Remote Code Execution via Admin JWT Minting
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh API and execute arbitrary code on the server. This issue has...
CVE-2026-25939 FUXA Unauthenticated Remote Arbitrary Scheduler Write
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...
CVE-2026-25939 FUXA Unauthenticated Remote Arbitrary Scheduler Write
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...