Searching in Data Privacy & Cybersecurity · Search everything
687 changes Data Privacy & Cybersecurity
Node.js Multiple Vulnerabilities Security Patches
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Node.js versions 20.x, 22.x, 24.x, and 25.x. Security patches are scheduled for release on March 24, 2026, to address these issues.
CERT-FR: Multiple Vulnerabilities in Suricata
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Suricata versions 7.0.x and 8.0.x. Users are advised to consult the Suricata security bulletin for patch information.
CERT-FR: Multiple MongoDB Vulnerabilities
CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in MongoDB. The advisory details affected versions and directs users to MongoDB's security bulletins for patch information. The specific risk is not detailed by the publisher.
Citrix XenServer Vulnerability Allows Security Policy Bypass
CERT-FR has issued an advisory regarding a vulnerability in Citrix XenServer (CVE-2026-23554) that allows for security policy bypass. The advisory urges users to apply security patches provided by Citrix to affected systems.
GLPI Vulnerabilities: SQL Injection, Security Bypass
CERT-FR has issued a security advisory regarding multiple vulnerabilities in GLPI software, versions prior to 11.0.6. These vulnerabilities include SQL injection and security bypass, potentially allowing attackers to compromise systems. Users are advised to consult the publisher's security bulletins for patch information.
Apple Products Vulnerability: Security Policy Bypass
CERT-FR has issued a security advisory regarding a vulnerability discovered in Apple products, including iOS, iPadOS, and macOS. The vulnerability allows for a security policy bypass. Users are advised to refer to Apple's security bulletin for patch information.
Multiple vulnerabilities found in Atlassian products
The CERT-FR has issued a security advisory regarding multiple vulnerabilities discovered in Atlassian products, including Confluence and Jira. These vulnerabilities could lead to remote code execution, denial of service, and data breaches.
nghttp2 Vulnerability Allows Denial of Service
CERT-Bund has issued a security advisory regarding a vulnerability in nghttp2 versions prior to 1.68.1. The vulnerability allows remote attackers to perform a Denial of Service attack. The advisory provides mitigation information and affected systems.
Wazuh Vulnerabilities Allow Critical Remote Attacks
CERT-Bund has issued a security advisory for Wazuh, detailing multiple vulnerabilities that allow critical remote attacks with a CVSS score of 9.1. The advisory affects Wazuh versions prior to 4.14.3 and impacts UNIX and other operating systems.
CERT-Bund: MongoDB Vulnerabilities Disclosed, Remote Attack Possible
CERT-Bund has issued a security advisory regarding multiple vulnerabilities in MongoDB, versions prior to 8.3.0-rc0, 8.0.20, 7.0.31, and 8.2.6. These vulnerabilities allow for remote attacks, including information disclosure and arbitrary code execution. The advisory highlights a high CVSS Base Score of 8.8.