Aggregator

CVE-1999-1147 | Platinum Policy Compliance Manager 7.0 Agent Service smaxagent.exe memory corruption (XFDB-1430 / OSVDB-3164)

Vuldb Updates
1 month ago
A vulnerability classified as critical has been found in Platinum Policy Compliance Manager 7.0. Affected by this issue is some unknown functionality of the file smaxagent.exe of the component Agent Service. The manipulation leads to memory corruption. This vulnerability is traded as CVE-1999-1147. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply restrictive firewalling.
vuldb.com

CVE-1999-1282 | RealNetworks RealSystem G2 Server Configuration File missing encryption (XFDB-1542)

Vuldb Updates
1 month ago
A vulnerability, which was classified as problematic, has been found in RealNetworks RealSystem G2 Server. This vulnerability affects unknown code of the component Configuration File. This manipulation causes missing encryption of sensitive data. This vulnerability is handled as CVE-1999-1282. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-1999-0139 | Sun Solaris 2.5.1/2.6/7.0 mkcookie memory corruption (XFDB-1429 / OSVDB-8205)

Vuldb Updates
1 month ago
A vulnerability, which was classified as critical, was found in Sun Solaris 2.5.1/2.6/7.0. This issue affects some unknown processing of the component mkcookie. Such manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-1999-0139. Local access is required to approach this attack. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-1999-1173 | Corel WordPerfect 8 on Linux Working Directory privileges management

Vuldb Updates
1 month ago
A vulnerability was found in Corel WordPerfect 8 on Linux and classified as problematic. The affected element is an unknown function of the component Working Directory Handler. Executing a manipulation can lead to improper privilege management. The identification of this vulnerability is CVE-1999-1173. The attack can only be executed locally. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-1999-1188 | MySQL 3.21 Log File privileges management (Nessus ID 17815 / XFDB-1568)

Vuldb Updates
1 month ago
A vulnerability identified as problematic has been detected in MySQL 3.21. Affected by this vulnerability is an unknown functionality of the component Log File Handler. Performing a manipulation results in improper privilege management. This vulnerability is cataloged as CVE-1999-1188. The attack must be initiated from a local position. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-31317 | Craftql up to 1.3.7 GetAssetsFieldSchema.php server-side request forgery (EUVD-2026-23428)

Vuldb Updates
1 month ago
A vulnerability described as critical has been identified in Craftql up to 1.3.7. This issue affects some unknown processing of the file vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php. Such manipulation leads to server-side request forgery. This vulnerability is documented as CVE-2026-31317. The attack can be executed remotely. There is not any exploit available.
vuldb.com

CVE-2026-21709 | Veeam Backup and Replication/Software Appliance Windows Driver Signature Enforcement command injection (kb4830 / EUVD-2026-23438)

Vuldb Updates
1 month ago
A vulnerability was found in Veeam Backup and Replication and Software Appliance and classified as critical. Affected is an unknown function of the component Windows Driver Signature Enforcement. Such manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2026-21709. Local access is required to approach this attack. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-40515 | HKUDS OpenHarness Path Normalization authorization (EUVD-2026-23450)

Vuldb Updates
1 month ago
A vulnerability was found in HKUDS OpenHarness. It has been declared as problematic. Affected by this issue is some unknown functionality of the component Path Normalization Handler. Executing a manipulation can lead to incorrect authorization. The identification of this vulnerability is CVE-2026-40515. The attack may be launched remotely. There is no exploit available. It is advisable to implement a patch to correct this issue.
vuldb.com

CVE-2026-21733 | Imagination Graphics DDK up to 25.3 RTM GPU insufficient permissions or privileges (EUVD-2026-23446)

Vuldb Updates
1 month ago
A vulnerability was found in Imagination Graphics DDK up to 1.17 RTM/1.18 RTM/23.2 RTM/24.2 RTM/25.3 RTM. It has been rated as problematic. This affects an unknown part of the component GPU Handler. The manipulation leads to improper handling of insufficient permissions or privileges. This vulnerability is referenced as CVE-2026-21733. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-3464 | aguilatechnologies WP Customer Area Plugin up to 8.3.4 on WordPress ajax_attach_file path traversal (EUVD-2026-23448)

Vuldb Updates
1 month ago
A vulnerability was found in aguilatechnologies WP Customer Area Plugin up to 8.3.4 on WordPress. It has been classified as critical. Affected by this vulnerability is the function ajax_attach_file. Performing a manipulation results in path traversal. This vulnerability was named CVE-2026-3464. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2026-40516 | HKUDS OpenHarness HTTP Service web_fetch/web_search server-side request forgery (EUVD-2026-23452)

Vuldb Updates
1 month ago
A vulnerability categorized as critical has been discovered in HKUDS OpenHarness. This vulnerability affects the function web_fetch/web_search of the component HTTP Service. The manipulation results in server-side request forgery. This vulnerability is identified as CVE-2026-40516. The attack can be executed remotely. There is not any exploit available. It is best practice to apply a patch to resolve this issue.
vuldb.com

The Wall Around Claude 4.7 Does Not Extend to Dread

Security Boulevard
1 month ago

Anthropic released Claude Opus 4.7 on April 16, 2026 with automated cybersecurity safeguards and a Cyber Verification Program. Dark web intelligence from the same week, a cross-vendor prompt injection disclosure published the same morning, and the unanswered policy question of who decides which defenders deserve access to frontier AI all point to the same conclusion: the wall is in the wrong place.

The post The Wall Around Claude 4.7 Does Not Extend to Dread appeared first on Security Boulevard.

Suzu Labs

Managed ad