Slican多款产品 安全漏洞

Slican IPL is a product of the Polish company Slican. Slican IPL is an Internet Protocol private branch exchange. Slican IPM is an IP phone exchange server. Slican CCT is a series of enterprise communication and IP phone exchange systems. Several Slican products have security vulnerabilities; the...

ROOT-OS-UBUNTU-2204-CVE-2023-53539 CVE-2023-53539 in rootio-linux - Patched by Root

Root has patched CVE-2023-53539 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

Astra Linux - уязвимость в postgresql-11

PostgreSQL optimizer statistics enable users to read sampled data within views that they cannot access. Additionally, statistics allow users to access sampled data that was intended to be hidden by row security policies. PostgreSQL maintains statistics for tables by sampling data available in...

CVE-2026-28514

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows a...

Splunk Cloud Platform和Splunk Enterprise 代码问题漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A code issue vulnerability exists in Splunk...

firefox: thunderbird: Use-after-free in the Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Audio/Video component...

CVE-2025-21590

An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affecte...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that originates from a vulnerabili...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a security vulnerability that originates from a security fla...

Micro Focus Fortify ScanCentral DAST Security Vulnerability

Micro Focus Fortify ScanCentral DAST is a Fortify hosted remote scanning application from Micro Focus UK. A security vulnerability exists in Micro Focus Fortify ScanCentral DAST that stems from incorrect privilege assignment. An attacker could exploit the vulnerability to elevate privileges. The...

SUSE CVE-2023-39958

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, missing protection allows an attacker to brute force the client secrets of configured OAuth2 clients...

Juniper Networks Junos OS SRX 缓冲区错误漏洞

Juniper Networks Junos OS SRX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS SRX has a buffer error vulnerability that originates from an out-of-bounds rea...

Fortinet FortiNAC 安全漏洞

Fortinet FortiNAC is a zero-trust access solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiNAC. An attacker could exploit the vulnerability to execute unauthorized code or commands via specially crafted HTTP requests. The following versions are affected: version 9.4.0,...

SUSE CVE-2017-3141

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-9.2.9, 9.3.2-P1-9.3.6, 9.4.0-9.8.8, 9.9.0-9.9.10, 9.10.0-9.10.5, 9.11.0-9.11.1, 9.9.3-S1-9.9.10-S1,...

GHSA-C4PM-63CG-9J7H Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List

Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...

Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List

Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...

PT-2022-36465 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to a misbehavior in the dm ioctl when list versions races with module loading. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

PT-2022-36130 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: The issue is related to a misbehavior in the dm ioctl when list versions races with module loading. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

Electron 安全漏洞

Electron is a personal developer of a user to write cross-platform desktop application JavaScript framework. The framework is based on nodejs and Chromium and can be used to write cross-platform desktop applications using HTML and CSS. A security vulnerability exists in Electron that allows a...

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A privilege permission and access control issue vulnerability exists in macOS, which exists because an application does not properly impose security restrictions in the...