115 matches found
CVE-2026-24212
NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
Stego Battlefield: Evaluating Image Steganography Attacks and Steganalysis Defenses
Image steganography is widely used to protect user privacy and enable covert communication. However, it can also be abused by the adversary as a covert channel to bypass content moderation, disseminate harmful semantics, and even hide malicious instructions in images to elicit dangerous outputs...
[SECURITY] Fedora 43 Update: dokuwiki-20250514b-3.fc43
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
CVE-2026-4873
A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...
PT-2026-35891
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description A flaw exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is performed in clear-text via IMAP,...
CVE-2026-2399
CWE-22 Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause critical files overwritten with text data when a Web Admin user alters the POST /REST/upssleep request payload...
CVE-2025-13490 IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...
EUVD-2025-208249
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...
Tenda F3 安全漏洞
Tenda F3 is a wireless router produced by the Chinese company Tenda. The Tenda F3 V12.01.01.55multi version has a security vulnerability. This vulnerability stems from the configuration download function, which exposes sensitive information in plain text, and the lack of cache control instruction...
CVE-2026-0484
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
CVE-2026-0484
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
CVE-2026-0484
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
CVE-2026-0484
CVE-2026-0484 affects SAP NetWeaver Application Server ABAP and SAP S/4HANA. The root cause is a missing authorization check that enables an authenticated attacker to access a specific transaction code and modify text data, impacting integrity (I: High) while confidentiality and availability rema...
CVE-2026-0484 Missing Authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
CVE-2026-0484 Missing Authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
SAP S/4HANA和SAP NetWeaver Application Server ABAP 输入验证错误漏洞
SAP S/4HANA and SAP NetWeaver Application Server ABAP are both products of the German company SAP. SAP S/4HANA is an enterprise resource management software based on the SAP HANA memory database system. SAP NetWeaver Application Server ABAP is a platform for running and developing applications...
PT-2026-7200
Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. This vulnerability has a high impact on integrity of the application with no effect on the...
Saleor security vulnerabilities
Saleor is an open-source interface software developed by Saleor Commerce. Versions 3.2.0 to 3.20.109, 3.21.0-a.0 to 3.21.44, and 3.22.0-a.0 to 3.22.28 of Saleor contain security vulnerabilities. These vulnerabilities stem from insecure direct object references, which may allow unverified...
CVE-2025-13489
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-13489
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...