118 matches found
CVE-2026-8468 Unbounded buffer accumulation in multipart header parsing causes denial of service in plug
Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':read_part_headers/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...
Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.15.4
The 1.15.4 GA release of Red Hat OpenShift Pipelines Operator. For more details see product documentation. The 1.15.4 release of Red Hat OpenShift Pipelines Operator...
CVE-2026-3209
A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...
EUVD-2026-8779
A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The exploit has been disclosed to...
PT-2026-22042
Name of the Vulnerable Software and Affected Versions fosrl Pangolin versions up to 1.15.4-s.3 Description A flaw exists in the Role Handler component of fosrl Pangolin. Specifically, the verifyRoleAccess/verifyApiKeyRoleAccess function is susceptible to manipulation, resulting in improper access...
Pangolin access control error vulnerability
Pangolin is an open-source proxy software developed by Pangolin. Versions of Pangolin 1.15.4-s.3 and earlier contained a vulnerability related to access control. This vulnerability stemmed from improper access control in the function verifyRoleAccess/verifyApiKeyRoleAccess of the Role Handler...
0xkit (=0.0.1), 0xpass (>=0.0.11 <=0.1.26) +7842 more potentially affected by CVE-2026-23527 via h3 (>=1.0.1 <=1.15.4)
h3 NPM version =1.0.1, =0.0.11, =0.0.0-canary-3a59770274bcb6f3bebd5d1b93a2c92d1fc4edbd, =0.0.2, =0.1.0, =1.1.0, =0.1.0, =0.1.0, =1.0.21, =2.0.0, =0.1.4, =0.1.0, =1.0.10, =1.0.11 and more Source cves: CVE-2026-23527 Source advisory: SNYK:JS-H3-15010914...
EUVD-2020-0201
Malware in sbrugna...
EUVD-2020-21243
Malware in sbrugna...
EUVD-2008-4638
Malware in sbrugna...
EUVD-2021-32507
Malicious code in bioql PyPI...
EUVD-2022-0131
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Red Hat OpenShift GitOps v1.15.4 release An update is now available for Red Hat OpenShift GitOps. Security Fixes: openshift-gitops-1/argocd-rhel8: Project API Token Exposes Repository Credentials gitops-1.15 openshift-gitops-1/argocd-rhel9: Project API Token Exposes Repository Credentials...
CVE-2025-9020 PX4 PX4-Autopilot Mavlink Shell Closing mavlink_receiver.cpp handle_message_serial_control use after free
A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handle_message_serial_control of the file src/modules/mavlink/mavlink_receiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...
PT-2025-33453 · Px4 · Px4-Autopilot
Name of the Vulnerable Software and Affected Versions: PX4 PX4-Autopilot versions through 1.15.4 Description: A use-after-free issue exists in the MavlinkReceiver::handle_message_serial_control function within the src/modules/mavlink/mavlink_receiver.cpp file of the Mavlink Shell Closing Handler...
SUSE CVE-2024-39286
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access...
UBUNTU-CVE-2024-39286
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access...
PT-2025-6661 · Intel · Intel 800 Series Ethernet Driver
Name of the Vulnerable Software and Affected Versions: Intel(R) 800 Series Ethernet Driver versions prior to 1.15.4 Description: The issue is related to incorrect execution-assigned permissions in the Linux kernel mode driver. This may allow an authenticated user to potentially enable information...