545 matches found
Vulnerabilities fixed in SolarWinds Serv-U
SolarWinds has fixed vulnerabilities in Serv-U. The vulnerabilities are in how Serv-U controls access and processes data types. Attackers with administrative privileges can exploit these vulnerabilities to gain unauthorized system access and execute arbitrary code with elevated privileges. This c...
VulnCheck KEV: CVE-2022-20775
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...
CVE-2026-1578
HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...
CVE-2026-1578
HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...
CVE-2026-1578
HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...
CVE-2026-1578
HP App for Android is potentially vulnerable to cross-site scripting (XSS) when using an outdated version on mobile devices. The issue is being addressed with updates from HP. According to the provided CVE entry, the vulnerability is associated with an initial update path and a MEDIUM severity (C...
PT-2026-7994
HP App for Android is potentially vulnerable to cross-site scripting XSS when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities...
AMD Graphics Driver February 2026 Security Update
AMD has informed HP of potential vulnerabilities in some AMD Graphics Driver for Windows, which might allow arbitrary code execution, loss of confidentiality, loss of integrity, loss of availability, kernel memory corruption, denial of service, or information disclosure. AMD is releasing software...
Vulnerability fixed in Cisco TelePresence Collaboration Endpoint
Cisco has fixed a vulnerability in Cisco TelePresence Collaboration Endpoint and RoomOS Software. The vulnerability is in how the text viewer system does not perform sufficient input control. This can be exploited by unauthenticated remote attackers, leading to a denial-of-service DoS and affecti...
Vulnerability fixed in BIND 9
ICS has fixed a vulnerability in BIND 9. The vulnerability is located in certain versions of BIND 9, where malformed BRID/HHIT records can lead to the unexpected termination of the named service, which is critical for DNS resolution. This vulnerability allows attackers to crash the service throug...
Vulnerabilities fixed in Oracle Analytics
Oracle has fixed vulnerabilities in Oracle Business Intelligence Enterprise Edition. The vulnerabilities allow unauthenticated attackers to cause a Denial-of-Service, or can lead to unauthorized access and modification of critical data. Oracle has released updates to fix the vulnerability. See...
Vulnerabilities fixed in Trend Micro Apex Central
Trend Micro has fixed vulnerabilities in Trend Micro Apex Central. The vulnerabilities are in the way Trend Micro Apex Central handles certain input. An attacker can cause a denial-of-service DoS without authentication by using an unverified NULL return value. In addition, malicious actors can ga...
Vulnerability fixed in MongoDB
MongoDB developers have fixed a vulnerability in MongoDB. The vulnerability with reference CVE-2025-14847 allows an unauthenticated remote attacker to read uninitialized heap memory. It is caused by improperly processing length parameters in Zlib-compressed protocol headers. Misuse of the...
Vulnerabilities fixed in Adobe Acrobat Reader
Adobe has fixed vulnerabilities in several versions of Acrobat Reader. The vulnerabilities include an untrusted search path that allows attackers to execute arbitrary code by manipulating the application's search paths. In addition, there are vulnerabilities related to the improper verification o...
Vulnerabilities fixed in Adobe ColdFusion
Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 25.4, 23.16, 21.22 and earlier. The vulnerabilities are in the way ColdFusion handles file uploads, input validation, and data access. Users with high privileges can execute unauthorized code or access sensitive data without...
CVE-2025-13426
A vulnerability exists in Google Apigee's JavaCallout policy https://docs.apigee.com/api-platform/reference/policies/java-callout-policy that allows for remote code execution. It is possible for a user to write a JavaCallout that injected a malicious object into the MessageContext to execute...
Vulnerabilities fixed in Mattermost
Mattermost has fixed vulnerabilities in versions 11.0.x through 11.0.3, 10.12.x through 10.12.1, 10.11.x through 10.11.4 and 10.5.x through 10.5.12. The vulnerabilities allow an authenticated attacker to take over an account via a carefully crafted email address during the authentication process...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome Specifically for versions prior to 142.0.7444.175. The vulnerabilities are in Google Chrome's V8 engine and allow remote attackers to exploit heap corruption via specially crafted HTML pages, which can lead to unauthorized actions, such as access to...
Vulnerabilities fixed in Adobe Illustrator
Adobe has fixed vulnerabilities in Adobe Illustrator Specifically for versions 28.7.10, 28.8.2 and earlier, as well as Illustrator on iPad versions 3.0.9 and earlier. The vulnerabilities are in how Adobe Illustrator and Illustrator on iPad handle specially crafted files. These vulnerabilities can...