Searching in Data Privacy & Cybersecurity · Search everything
692 changes Data Privacy & Cybersecurity
CISA: IGL-Technologies eParking.fi ICS Advisory
CISA released an advisory regarding vulnerabilities in IGL-Technologies eParking.fi charging stations. Successful exploitation could allow attackers to gain unauthorized administrative control or disrupt services. The advisory details two critical vulnerabilities, CVE-2026-29796 and CVE-2026-31903, affecting all versions of eParking.fi.
Microsoft Products Vulnerabilities
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Microsoft products. These vulnerabilities could allow an attacker to exploit unspecified security issues. Affected systems include specific versions of azl3 and cbl2 components.
CERT-FR: Multiple vulnerabilities in Roundcube software
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Roundcube webmail software. The vulnerabilities could lead to data confidentiality breaches, server-side request forgery (SSRF), and remote code injection (XSS). Users are advised to consult the editor's security bulletin for patch information.
VMware Product Vulnerabilities Identified by CERT-FR
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in various VMware products. These vulnerabilities could allow an attacker to cause unspecified security issues. Affected users are advised to consult VMware's security bulletins for patch information.
Mitel Products Vulnerability - XSS
CERT-FR has issued an advisory regarding a remote code injection (XSS) vulnerability affecting various Mitel product versions. Affected systems include specific versions of MCX and MiContact Center Business. Users are advised to consult Mitel's security bulletin for patch information.
CERT-FR Advises on Splunk Universal Forwarder Vulnerabilities
CERT-FR has issued an advisory regarding multiple vulnerabilities discovered in Splunk Universal Forwarder. The advisory details affected versions and references Splunk's security bulletin for patch information. The vulnerabilities could allow an attacker to cause unspecified security issues.
Python Vulnerability Allows Security Policy Bypass
CERT-FR has issued an advisory regarding a vulnerability in Python (CVE-2026-3479) that allows attackers to bypass security policies. The advisory urges users to apply the latest security patches provided by the Python editor.
Microsoft Dynamics 365 SQL Injection Vulnerability
CERT-Bund has issued a security advisory for Microsoft Dynamics 365 Customer Engagement regarding a critical SQL injection vulnerability (CVSS 8.8). The vulnerability allows authenticated remote attackers to execute arbitrary SQL commands, potentially leading to privilege escalation or operating system command execution.
Roundcube Vulnerabilities: Critical Score, File Manipulation, XSS
CERT-Bund has issued a security advisory for Roundcube, a PHP-based open-source webmail system. Multiple vulnerabilities with a critical CVSS base score of 10.0 have been identified, allowing attackers to manipulate files, bypass security measures, and perform cross-site scripting attacks.
Dell Secure Connect Gateway Policy Manager Critical Vulnerabilities
CERT-Bund has issued a security advisory for Dell Secure Connect Gateway Policy Manager, detailing critical vulnerabilities (CVSS Base Score 9.8) that could allow remote attacks. The advisory affects versions prior to 5.34.00.14 and recommends mitigation.