Searching in Data Privacy & Cybersecurity · Search everything
687 changes Data Privacy & Cybersecurity
OpenSSH Multiple Vulnerabilities - Remote Code Execution and Privilege Escalation
CERT-Bund issued security advisory WID-SEC-2026-0979 warning of multiple vulnerabilities in OpenSSH versions prior to 10.3. The vulnerabilities carry a CVSS Base Score of 7.5 (high) and enable remote attackers to execute arbitrary code, escalate privileges, or bypass security mechanisms on affected systems running Linux, UNIX, and Windows. Mitigation measures are available but immediate patching is required.
OpenBSD Vulnerability Enables Unspecified Remote Attack
CERT-Bund issued a security advisory regarding a high-severity vulnerability (CVSS 7.3) in OpenBSD versions 7.7 and 7.8 that enables remote attacks by unauthenticated threat actors. The vulnerability allows remote code execution without user interaction. Organizations running affected OpenBSD systems should review and apply available mitigations immediately.
Dell PowerScale OneFS Multiple Vulnerabilities, CVSS 6.6, Privilege Escalation
CERT-Bund issued security advisory WID-SEC-2026-0984 regarding multiple vulnerabilities in Dell PowerScale OneFS with CVSS Base Score 6.6 (medium). Affected organizations running Dell PowerScale NAS platforms below versions 9.10.1.7, 9.13.0.1, and 9.13.0.2 face risks of information disclosure and privilege escalation. Mitigation measures are available.
MariaDB DoS Vulnerability - CVSS 6.5 Medium Severity
CERT-Bund issued advisory WID-SEC-2026-0972 disclosing a medium-severity denial-of-service vulnerability in MariaDB database systems. Affected versions include MariaDB prior to 11.4.10, 11.8.6, and 12.2.2, with a CVSS base score of 6.5. Remote authenticated attackers can exploit this vulnerability to conduct DoS attacks against affected installations on Linux, UNIX, and Windows platforms.
Keycloak vulnerabilities CVSS 8.1, affects Linux
Keycloak vulnerabilities CVSS 8.1, affects Linux
Multiple Exynos vulnerabilities allow DoS, code execution
CERT-Bund issued security advisory WID-SEC-2026-0981 regarding multiple high-severity vulnerabilities in Samsung Exynos chipsets (CVSS Base Score 8.6). Attackers can exploit these vulnerabilities to conduct denial of service attacks and potentially execute arbitrary code remotely. Affected products include Samsung Exynos mobile chipsets and processors.
Critical Cisco Smart Software Manager On-Prem Remote Code Execution Vulnerability
CERT-Bund issued a critical security advisory regarding CVE-2026-0964 affecting Cisco Smart Software Manager On-Prem (versions prior to 9-202601). The vulnerability carries a CVSS Base Score of 9.8 (critical) and enables remote, unauthenticated attackers to execute arbitrary code with administrator privileges. Organizations running the affected product are at immediate risk of complete system compromise.
Critical FortiClient EMS Vulnerability Enables Remote Code Execution
CERT-Bund issued a critical security advisory regarding a vulnerability in Fortinet FortiClient EMS software. The vulnerability, affecting versions prior to 7.4.7, carries a CVSS Base Score of 9.8 (critical) and enables remote anonymous attackers to execute arbitrary code without authentication. Organizations using FortiClient EMS are advised to apply available mitigations immediately or update to the patched version.
Microsoft Azure critical vulnerabilities, CVSS 10.0, privilege escalation
Microsoft Azure critical vulnerabilities, CVSS 10.0, privilege escalation
Linux Kernel Multiple Vulnerabilities - CVSS 7.3 DoS Bypass
CERT-Bund issued a security advisory regarding multiple vulnerabilities in the Linux Kernel affecting Microsoft Azure Linux azl3. The vulnerabilities carry a CVSS Base Score of 7.3 (high) and CVSS Temporal Score of 6.6 (medium), with remote attack capability confirmed. An attacker could exploit these flaws to execute denial of service attacks or bypass security mechanisms. Mitigation measures are available.