Aggregator
CVE-2026-0399 | SonicWall SonicOS API Endpoint stack-based overflow (SNWLID-2026-0001 / WID-SEC-2026-0495)
3 months 3 weeks ago
A vulnerability was found in SonicWall SonicOS. It has been declared as critical. Affected by this issue is some unknown functionality of the component API Endpoint. Such manipulation leads to stack-based buffer overflow.
This vulnerability is uniquely identified as CVE-2026-0399. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2026-0402 | SonicWall SonicOS out-of-bounds (SNWLID-2026-0001 / WID-SEC-2026-0495)
3 months 3 weeks ago
A vulnerability was found in SonicWall SonicOS. It has been classified as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes out-of-bounds read.
This vulnerability is handled as CVE-2026-0402. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2026-0401 | SonicWall SonicOS null pointer dereference (SNWLID-2026-0001 / WID-SEC-2026-0495)
3 months 3 weeks ago
A vulnerability was found in SonicWall SonicOS and classified as problematic. Affected is an unknown function. The manipulation results in null pointer dereference.
This vulnerability is known as CVE-2026-0401. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2026-0400 | SonicWall SonicOS format string (SNWLID-2026-0001 / WID-SEC-2026-0495)
3 months 3 weeks ago
A vulnerability has been found in SonicWall SonicOS and classified as critical. This impacts an unknown function. The manipulation leads to format string.
This vulnerability is traded as CVE-2026-0400. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2026-27518 | Binardat 10G08-0800GSM Network Switch up to V300SP10260209 Administrative Interface cross-site request forgery
3 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Binardat 10G08-0800GSM Network Switch up to V300SP10260209. This affects an unknown function of the component Administrative Interface. Executing a manipulation can lead to cross-site request forgery.
This vulnerability appears as CVE-2026-27518. The attack may be performed from remote. There is no available exploit.
vuldb.com
CVE-2026-27584 | actualbudget actual up to 26.2.0 missing authentication (GHSA-m2cq-xjgm-f668)
3 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in actualbudget actual up to 26.2.0. The impacted element is an unknown function. Performing a manipulation results in missing authentication.
This vulnerability is reported as CVE-2026-27584. The attack requires a local approach. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com
New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise
3 months 3 weeks ago
A critical Remote Code Execution (RCE) vulnerability has been identified in a Ruby background job processing system. The flaw stems from unsafe JSON deserialization, which allows untrusted input to be transformed into executable objects. This issue highlights the hidden dangers of deserialization in Ruby environments, where a single line of code can lead to deterministic […]
The post New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise appeared first on Cyber Security News.
Abinaya
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
CVE-2026-27519 | Binardat 10G08-0800GSM Network Switch up to V300SP10260209 protected hard-coded key
3 months 3 weeks ago
A vulnerability classified as problematic was found in Binardat 10G08-0800GSM Network Switch up to V300SP10260209. The affected element is an unknown function. Such manipulation of the argument protected leads to use of hard-coded cryptographic key
.
This vulnerability is documented as CVE-2026-27519. The attack can be executed remotely. There is not any exploit available.
vuldb.com
CVE-2026-27520 | Binardat 10G08-0800GSM Network Switch up to V300SP10260209 Web Interface cleartext storage
3 months 3 weeks ago
A vulnerability classified as problematic has been found in Binardat 10G08-0800GSM Network Switch up to V300SP10260209. Impacted is an unknown function of the component Web Interface. This manipulation causes cleartext storage of sensitive information.
This vulnerability is registered as CVE-2026-27520. Remote exploitation of the attack is possible. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
VECT
3 months 3 weeks ago
You must login to view this content
cohenido
Akira
3 months 3 weeks ago
You must login to view this content
cohenido
Смерть «бессмертного» языка. Акции IBM рухнули, когда выяснилось, что ИИ может наконец-то убить COBOL
3 months 3 weeks ago
Акции IBM упали на 13% после анонса инструмента Claude Code.
CVE-2020-1576 | Microsoft SharePoint Server 2010 SP2/2013 SP1/2016/2019 Markup Application Package code download
3 months 3 weeks ago
A vulnerability was found in Microsoft SharePoint Server 2010 SP2/2013 SP1/2016/2019. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component Markup Handler. The manipulation as part of Application Package leads to download of code without integrity check.
This vulnerability is listed as CVE-2020-1576. The attack may be initiated remotely. There is no available exploit.
Applying a patch is the recommended action to fix this issue.
vuldb.com
CVE-2020-1593 | Microsoft Windows up to Server 2019 Media Audio Decoder memory corruption
3 months 3 weeks ago
A vulnerability categorized as critical has been discovered in Microsoft Windows. Affected by this issue is some unknown functionality of the component Media Audio Decoder. The manipulation results in memory corruption.
This vulnerability is cataloged as CVE-2020-1593. The attack may be launched remotely. There is no exploit available.
It is best practice to apply a patch to resolve this issue.
vuldb.com