F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP, which stems from virtual servers...

SUSE CVE-2026-34477

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

GHSA-6HG6-V5C8-FPHQ Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration

The fix for CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName system property, but not when configured through the verifyHostName attribute of the element. Although the verifyHostName configuration attribute was introduced in Log4...

CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

CVE-2026-34477

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

CVE-2026-22750 SSL bundle configuration silently bypassed in Spring Cloud Gateway

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

EulerOS Virtualization 2.12.1 : python3 (EulerOS-SA-2026-1455)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorit...

CVE-2010-0563

The Single Sign-on SSO functionality in IBM WebSphere Application Server WAS 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted...

CVE-2025-14405

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

CVE-2025-14406

Soda PDF Desktop Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Soda PDF Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system...

CVE-2025-14405 PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

CVE-2025-14405 PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

EUVD-2025-203315

NXLog Agent before 6.11 can load a file specified by the OPENSSLCONF environment variable...

PT-2025-45096

Name of the Vulnerable Software and Affected Versions BMC Control-M/Agent affected versions not specified Description The Control-M/Agent is susceptible to unauthenticated remote code execution, arbitrary file read and write, and other unauthorized actions when mutual SSL/TLS authentication is no...

EUVD-2007-4494

Malware in sbrugna...

EUVD-2010-0594

Malware in sbrugna...

EUVD-2014-0878

Malware in sbrugna...

EUVD-2012-5653

Malware in sbrugna...

CVE-2025-27237 DLL injection in Zabbix Agent and Agent 2 via OpenSSL configuration

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...

EUVD-2025-32239

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...