Tagged: Cybersecurity Alert

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the XML...

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Wikimedia Foundation MediaWiki – CSS extension allows Path Traversal.This issue affects MediaWiki – CSS extension: 1.44, 1.43, 1.39. More information :...

Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki – VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki – VisualData Extension: 1.45. More information : https://gerrit.wikimedia.org/r/q/I4ff2737c9f0ba805267d1fc8296e7cff61241ee3

The credentials required to access the device’s web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the...

An attacker with a network connection could detect credentials in clear text. More information : https://cds.thalesgroup.com/en

A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.  ...

An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the board that controls the...

The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictions More information : https://cds.thalesgroup.com/en

The lack of hardening of the system allows the user used to manage and maintain the charger to consult different files containing clear-text credentials or valuable information for an attacker. More information : https://cds.thalesgroup.com/en

Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4.5.6, before 5.6.13. More information : https://devolutions.net/security/advisories/DEVO-2026-0001/

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart,...

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to...

The massive sending of ICMP requests causes a denial of service on one of the boards from the EVCharger that allows control the EV interfaces. Since the board must be operating correctly for the...

An attacker with access to the system’s internal network can cause a denial of service on the system by making two concurrent connections through the Telnet service. More information : https://cds.thalesgroup.com/en