16 matches found
CVE-2026-21021
Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...
EUVD-2026-12301
Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application...
CVE-2026-20992
Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application...
CVE-2025-52863
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...
Apple macOS Tahoe Underchecked Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from an insufficient inspection vulnerability that can be exploited by an attacker to ask for...
nautilus bug fix and enhancement update
An update is available for nautilus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 9.4...
Hitachi Energy IEC 61850 MMS-Server (Update B)
1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: IEC 61850 MMS-Server Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could cause products using the IEC 61850 MMS-server...
Unbreakable Enterprise kernel security update
4.1.12-124.14.5 - vhost/scsi: fix reuse of &vq-iovout in response Benjamin Coddington Orabug: 27928330 4.1.12-124.14.4 - kernel.spec: add requires system-release for OL7 Brian Maly Orabug: 27955380 - x86/kernel/traps.c: fix tracedienotifier return value Kris Van Hees CVE-2018-8897 - x86/entry/64:...
CVE-2015-4230
Cisco Headend System Releases are affected by CVE-2015-4230 due to a memory leak that can be exploited remotely to cause a denial of service (memory consumption). The issue is exploitable over network with no authentication required, per CVE details and Cisco security advisory indicating no softw...
Cisco Conductor for Videoscape and Cisco Headend System Release Arbitrary Cookie Injection Vulnerabilities
Cisco Unified MeetingPlace is a multimedia conferencing solution. The solution provides a user environment that integrates voice, video and Web conferencing. A security vulnerability exists in Cisco Conductor for Videoscape and Cisco Headend System Release, where a remote attacker sends a special...
Cisco Headend System Release Digital Broadband Delivery System CRLF Injection Vulnerability
The Cisco Headend System Release Digital Broadband Delivery System is a digital broadband delivery system. The system provides content protection, video-on-demand, and dbd backup and recovery. A CRLF injection vulnerability in the HTTP Header handler in the Digital Broadband Delivery System for...
Cisco Headend System Release UDP Denial of Service Vulnerability
The Cisco Headend System Release is a front-end broadband digital transmission system. A security vulnerability in Cisco DTACS and Cisco Headend System Release allows a remote attacker to send a large number of special UDP requests to conduct a denial-of-service attack and cause system outages...
Cisco Headend System Release Sensitive Information Disclosure Vulnerability
The Cisco Headend System Release is a front-end broadband digital transmission system. A security vulnerability exists in the Cisco Headend System Release that could allow a remote attacker to submit a specially crafted HTTP request to read a temporary script file or archive to obtain sensitive...
CRLF injection
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID...
CVE-2015-0733
Cisco Headend System Release Digital Broadband Delivery System is affected by a CRLF injection vulnerability in the HTTP Header Handler, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response-splitting attacks (potentially enabling XSS). The issue, tracked as CVE-201...
CVE-2015-0733
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID...