3061 matches found
OPENSUSE-SU-2026:20773-1 Security update for perl-Net-CIDR
This update for perl-Net-CIDR fixes the following issues: Changes in perl-Net-CIDR: - updated to 0.270.0 0.27 0.27 Sam Varshavchik cidrvalidate bug fix. - updated to 0.260.0 0.26 0.26 Sam Varshavchik cidrvalidate should accept IPv6 addresses with one uncompressed 0. - updated to 0.250.0 0.25 0.25...
CVE-2026-42099
Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...
CVE-2026-42096
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...
CVE-2026-42100 DoS in Sparx Pro Cloud Server
Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service DoS attack to be executed by sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability,...
CVE-2026-42100
Technical details (affected products/versions, root cause, impact, mitigation) are not publicly available in the provided documents. Monitor for updates as new information may be published.
CVE-2026-42099
Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...
EUVD-2026-30929
Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...
CVE-2026-42097 Authentication Bypass in Sparx Pro Cloud Server
Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication. The vendor was notified early about this vulnerability, but...
CVE-2026-42097
Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication. The vendor was notified early about this vulnerability, but...
CVE-2026-42096
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...
CVE-2026-42096 Broken Access Control in Sparx Pro Cloud Server
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond wi...
CVE-2026-28751
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...
CVE-2026-27648
in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...
CVE-2026-27781
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...
CVE-2026-25781
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...
CVE-2026-33565 kernel_linux_common_modules has a Race Condition vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...
EUVD-2026-30834
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...
CVE-2026-27766 multimedia_audio_framework has a Race Condition vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...
CVE-2026-25850
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...
EUVD-2026-30831
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...