UBUNTU-CVE-2026-0965

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...

EUVD-2025-20789

Malicious code in bioql PyPI...

CVE-2025-7378

An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior. This issue affects ADM:...

CVE-2025-7378

An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior. This issue affects ADM:...

CVE-2025-7378 An improper input validation vulnerability was found on manipulating configuration of ADM

An improper Input Validation vulnerability allows injecting arbitrary values of the NAS configuration file in ASUSTOR ADM. This could potentially lead to system misconfiguration and break the format of the configuation file, causing the NAS to exhibit unexpected behavior. This issue affects ADM:...

CVE-2025-7378

ASUSTOR ADM CVE-2025-7378 is an improper input validation vulnerability affecting ADM versions 4.1 through 4.3.1.R5A0, allowing arbitrary values to be injected into the NAS configuration file and potentially causing misconfiguration and unexpected NAS behavior. The issue is mitigated by updating ...

CVE-2025-27022

The CVE-2025-27022 entry concerns Infinera G42 WebGUI HTTP endpoint in version R6.1.3 with a path traversal vulnerability. Root cause: lack of sufficient validation of user-supplied input enables authenticated users to access files readable by the httpd service user, potentially downloading OS fi...

CVE-2025-27021 Operating System Misconfiguration in Infinera G42

The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by...

CVE-2023-47579

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system...

Information disclosure

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system...

Microsoft Security tips for mitigating risk in mergers and acquisitions

Sixty-two percent of organizations that undertake mergers and acquisitions face significant cybersecurity risks or consider cyber risks their biggest concern post-acquisition.1 Threat actors that focus on corporate espionage often target the acquiring company, which we will refer to as the Parent...

Nord Security: Getting SmartDNS for free from - join.nordvpn.com

The reporter identified an issue within our backend system which performs validation of the active services. There was a misconfiguration related to caching and time period calculation. This lead to SmartDNS service being active for a longer period of time than it should have been, compared with...