[SECURITY] Fedora 42 Update: rust-resctl-bench-2.2.5-12.fc42

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

[SECURITY] Fedora 43 Update: rust-resctl-bench-2.2.5-12.fc43

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

CI4MS 跨站脚本漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper handling of user input related to email settings in system configurations, which could lead to...

CVE-2026-23597

The CVE-2026-23597 entry concerns an issue in the API error handling of HPE Aruba Networking 5G Core server API that could allow an unauthenticated remote attacker to obtain sensitive information. The available documents indicate that exploitation could reveal user accounts, roles, system configu...

[SECURITY] Fedora 43 Update: rust-resctl-bench-2.2.5-10.fc43

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

CVE-2020-37118

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attackers can craft malicious web pages to add new admin users, change passwords, and modify system configurations by tricking...

CVE-2025-57796 Use of a hardcoded static key to protect sensitive data in Explorance Blue

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...

PT-2026-5175

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...

EUVD-2023-60236

D-Link DSL-124 ME1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing...

CVE-2023-53974 D-Link DSL-124 ME_1.00 Backup Configuration File Disclosure via Unauthenticated Request

D-Link DSL-124 ME1.00 contains a configuration file disclosure vulnerability that allows unauthenticated attackers to retrieve router settings through a POST request. Attackers can send a specific POST request to the router's configuration endpoint to download a complete backup file containing...

EUVD-2019-3206

Malware in sbrugna...

EUVD-2020-0560

Malware in sbrugna...

EUVD-2019-10420

Malware in sbrugna...

EUVD-2005-3719

Malware in sbrugna...

EUVD-2025-24008

Malicious code in bioql PyPI...

EUVD-2022-27556

Malicious code in bioql PyPI...

EUVD-2022-27954

Malicious code in bioql PyPI...

PT-2025-32386 · Mitel · Micollab +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP2 9.8.2.12 Description: A vulnerability exists in the NuPoint Unified Messaging NPM component that could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input...

WordPress plugin Reveal Listing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress Reveal Listing suffers from an elevation of privilege vulnerability that stems from allowing users to set roles, which can be exploited by an attacker to tamper...

CVE-2025-20286

A vulnerability in Amazon Web Services AWS, Microsoft Azure, and Oracle Cloud Infrastructure OCI cloud deployments of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuration...