CVE-2026-2360

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is...

Fedora 42 : kea (2025-92b4ae7199)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-92b4ae7199 advisory. - New version 3.0.1 rhbz2391289 - Fixes CVE-2025-40779 rhbz2391373 Tenable has extracted the preceding description block directly from the Fedora security...

WordPress CAMOO SMS plugin <= 3.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin CAMOO SMS versions = 3.0.1...

PT-2022-24070 · Phicomm · Phicomm Fir151B A2 +3

Name of the Vulnerable Software and Affected Versions: Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers version 3.0.1.17 Description: The issue is related to a remote command execution vulnerability. This vulnerability can be exploited via the pingAddr parameter of the tracert...

IBM Security Key Lifecycle Manager Account Management Vulnerability

IBM Security Key Lifecycle Manager Tivoli Key Lifecycle Manager is a set of key lifecycle management software from IBM in the United States. The software provides key storage, key maintenance and key lifecycle management for storage devices. An account management vulnerability exists in IBM...

express-restify-mongoose information disclosure vulnerability

express-restify-mongoose is a tool for creating interfaces for Mongoose Model. A security vulnerability exists in express-restify-mongoose version 2.4.2 and earlier and versions 3.0.X through 3.0.1. An attacker can exploit the vulnerability by sending a request to obtain the passwords of all user...