20612 matches found
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.13.1 Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and Spring WebFlux applications can result in disclosure of conten...
CVE-2026-5140 Authorization Bypass in TUBITAK BILGEM's Pardus Update
Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...
CVE-2026-5140
CVE-2026-5140 is a CRLF injection vulnerability in Pardus (TUBITAK BILGEM Software Technologies Research Institute). Affected: Pardus
CVE-2026-5140 Authorization Bypass in TUBITAK BILGEM's Pardus Update
Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...
EUVD-2026-26228
Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus allows Authentication Bypass. This issue affects Pardus: from =0.6.4 before 0.8.0...
CVE-2026-5140
Improper neutralization of CRLF sequences 'CRLF injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass. This issue affects Pardus Update: from 0.6.3 before 0.6.4...
CVE-2026-42249
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
CVE-2026-42249 Remote Code Execution in Ollama via Update Mechanism
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
CVE-2026-42249
CVE-2026-42249 affects Ollama for Windows and is a remote code execution in the update mechanism caused by improper handling of attacker-controlled HTTP response headers. Update file paths are built from header-derived values and passed to filepath.Join, enabling path traversal (../) and writing ...
CVE-2026-42249
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
EUVD-2026-26211
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
CVE-2026-42249 Remote Code Execution in Ollama via Update Mechanism
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
CVE-2026-42249
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
CVE-2026-35366
A flaw was found in the printenv utility within uutils coreutils. This vulnerability allows an attacker to conceal malicious environment variables by using invalid UTF-8 byte sequences. As a result, security tools and administrators may not detect these hidden variables, which could enable...
Ollama 路径遍历漏洞
Ollama is an open-source tool developed by Ollama that can be run locally, used for managing and customizing large language models. Versions of Ollama from 0.12.10 to 0.17.5 have a path traversal vulnerability. This vulnerability stems from the improper handling of HTTP response headers in the...
Pardus 注入漏洞
Pardus is a Linux distribution developed by the TUBITAK BILGEM government department in Turkey. Versions of Pardus from 0.6.4 up to 0.8.0 had a vulnerability related to injection attacks. This vulnerability stemmed from improper handling of CRLF sequences, which could lead to authentication...
VideoFlow Digital Video Protection 路径遍历漏洞
VideoFlow Digital Video Protection is a broadcast-grade video transmission device developed by VideoFlow Corporation in the United States. Version 2.10 of VideoFlow Digital Video Protection contains a path traversal vulnerability. This vulnerability stems from authenticated directory traversal,...
PT-2026-35912
Name of the Vulnerable Software and Affected Versions Ollama for Windows versions 0.12.10 through 0.17.5 Description The update mechanism in Ollama for Windows allows Remote Code Execution due to improper handling of attacker-controlled HTTP response headers. The application constructs local file...
PT-2026-35920
Name of the Vulnerable Software and Affected Versions Pardus versions 0.6.4 through 0.7.x Description Improper neutralization of CRLF sequences, also known as CRLF injection, in TUBITAK BILGEM Software Technologies Research Institute Pardus allows for Authentication Bypass. CRLF injection occurs...
Linux Distros Unpatched Vulnerability : CVE-2026-39973
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in...