18 matches found
[SECURITY] Fedora 42 Update: dcmtk-3.6.9-2.fc42
DCMTK is a collection of libraries and applications implementing large parts of the DICOM standard. It includes software for examining, constructing and converting DICOM image files, handling offline media, sending and receiving images over a network connection, as well as demonstrative image storag...
CVE-2025-20055
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS command...
CVE-2025-20016
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management page of the affected product may execute an arbitrary OS command...
CVE-2025-20055
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS command...
CVE-2025-20055
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS command...
CVE-2025-20055
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS command...
CVE-2025-20016
STEALTHONE D220/D340/D440 network storage servers from Y'S corporation are affected by CVE-2025-20016, an OS command injection (CWE-78) in the web management page. A user with administrative privileges can log in and execute arbitrary OS commands. Public write-ups confirm impact to the web UI as ...
CVE-2025-20016
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management page of the affected product may execute an arbitrary OS command...
CVE-2025-20016
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management page of the affected product may execute an arbitrary OS command...
GHSA-4X83-5GW5-Q346 Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers
Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...
Synology DiskStation Manager Buffer Overflow Vulnerability
Synology DiskStation Manager (DSM) is an operating system for use on network storage servers (NAS) from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A buffer overflow vulnerability exists in Synology DiskStation Manager (DSM),...
Synology DiskStation Manager SQL Injection Vulnerability (CNVD-2022-27445)
Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology DiskStation Manager, which stems from the failure of the product's Log Management function to handle special characters i...
Synology DiskStation Manager SQL Injection Vulnerability
Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. A SQL injection vulnerability exists in Synology DiskStation Manager, which stems from the failure of the product's Log Management function to handle special characters i...
Johnson Controls Exacq Technologies exacqVision
1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Exacq Technologies, Inc., a subsidiary of Johnson Controls, Inc. Equipment: exacqVision Vulnerability: Off-by-one Error 2. RISK EVALUATION A local attacker could exploit this vulnerability to obtain “Super User” access to the underlying Ubuntu Linux...
Synology DiskStation Manager Sensitive Information Plaintext Transfer Vulnerability (CNVD-2021-13678)
Synology DiskStation Manager (DSM) is an operating system for use on network storage servers (NAS) from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A sensitive information clear text transfer vulnerability exists in synorelay...
Buffer Error Vulnerability in Multiple HPE Products
HPE Cloudline CL5800 Gen9 Server and others are a dense cloud storage server appliance from HPE America. A buffer error vulnerability exists in multiple HPE Cloudline products, which stems from a local buffer overflow in the spxrestservice setfwimagelocationfunc function. The following products a...
ThreatList: Dead Web Apps Haunt 70 Percent of FT 500 Firms
A study of abandoned websites owned by leading global corporations hammers home the point that old web applications need to be properly mitigated or retired. Otherwise, these resources often haunt a firm long after they have been forgotten. Researchers at High-Tech Bridge used the Financial Times...
Low: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #3
Updated glusterfs packages that fix multiple security issues, several bugs, and contain enhancements are now available for Red Hat Storage 2.0. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which give...