544 matches found
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities in Samsung Mobile The vulnerabilities include an out-of-bounds write and read, as well as a vulnerability in USB connection mode that allows local attackers to gain unauthorized access to user data. These vulnerabiliti...
Vulnerabilities fixed in Oracle Financial Services
Oracle has fixed vulnerabilities in Oracle Financial Services components. The vulnerabilities allow unauthenticated attackers to gain unauthorized access to sensitive data over HTTP. This can lead to unauthorized access and modification of critical data, with a CVSS score of 9.8 highlighting the...
Vulnerabilities fixed in Oracle Communications products
Oracle has fixed several vulnerabilities in its Communications products, including Unified Assurance and Cloud Native Core. The vulnerabilities in Oracle Communications products allow malicious actors to gain unauthorized access, which can lead to partial or full Denial-of-Service DoS attacks...
Multiple stored cross-site scripting vulnerabilities in Movable Type
Overview Movable Type provided by Six Apart Ltd. contains multiple stored cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in Edit ContentData page CWE-79 - CVE-2025-54856 Stored cross-site scripting vulnerability in Edit CategorySet of ContentType page...
Vulnerabilities fixed in Mozilla Firefox and Thunderbird
Mozilla has fixed vulnerabilities in Firefox and Thunderbird Specifically for versions under 144. The vulnerabilities include several problems, including a use-after-free issue, memory security flaws and the ability for a malicious person to access sensitive data or execute arbitrary code. These...
Vulnerabilities fixed in Adobe Experience Manager
Adobe has fixed vulnerabilities in Adobe Experience Manager versions 6.5.23 and earlier. The vulnerabilities are in the configuration of Adobe Experience Manager, which allows attackers to execute arbitrary code without any user interaction. This can lead to unauthorized access and control of...
Vulnerability fixed in FortiOS
Fortinet has fixed a vulnerability in FortiOS multiple versions. The vulnerability is in the way FortiOS handles memory allocation. Authenticated users can exploit this vulnerability by sending specially crafted requests, which can lead to the execution of unauthorized code. This can have serious...
Vulnerabilities fixed in SAP Products
SAP has fixed vulnerabilities in several SAP products. The vulnerabilities include a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary OS commands, and a CSRF vulnerability that allows authenticated attackers to bypass critical authorization controls. In...
Vulnerabilities fixed in Adobe Commerce
Adobe has fixed vulnerabilities in Adobe Commerce Specifically for versions 2.4.9-alpha2 and earlier. The vulnerabilities include improper authorization that allows low-privileged attackers to bypass security measures, which can lead to unauthorized access to sensitive data without user...
EUVD-2021-21260
Malware in sbrugna...
Vulnerabilities fixed in VMware NSX
VMware fixed vulnerabilities in VMware NSX The vulnerabilities in VMware NSX include a weak password recovery mechanism that allows unauthenticated attackers to enumerate valid usernames, which can result in potential brute-force attacks on login credentials. Additionally, there is a username...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung Mobile in Samsung Mobile. The vulnerabilities in the Android kernel include a race condition between functions that manage CPU timers, which can lead to system instability. In addition,...
Cisco UCS Manager Software Command Injection Vulnerabilities
Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. For more information about these...
Cisco Nexus Dashboard Path Traversal Vulnerability
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid...
Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability
A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...
SUSE: Security Advisory (SUSE-SU-2025:02985-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device. This vulnerabili...
Cisco Identity Services Engine Arbitrary File Upload Vulnerability
A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
CVE-2025-43490
Technical details about CVE-2025-43490 are not publicly provided in the supplied documents. The materials reference an escalation of privilege in HPAudioAnalytics within HP Hotkey Support and ongoing updates. Monitor for updates and patch releases from HP.
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities
Multiple vulnerabilities in the management and VPN web servers for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to stop responding or reload unexpectedly,...