Security update for python-pyOpenSSL
This update for python-pyOpenSSL fixes the following issue Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4 zypper in -t patch...
H2O ImportFiles - Local File Inclusion
An attacker is able to read any file on the server hosting the H2O dashboard without any authentication. id: CVE-2023-6038 info: name: H2O ImportFiles - Local File Inclusion author: danmcinerney,byt3bl33d3r severity: high description: | An attacker is able to read any file on the server hosting t...
ASIS - SQL Injection Authentication Bypass
ASIS aka Aplikasi Sistem Sekolah using CodeIgniter 3 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass. id: CVE-2024-45622 info: name: ASIS - SQL Injection Authentication Bypass author: s4e-io severity: critical description: | ASIS aka Aplikasi Sistem Sekolah...
Online Fire Reporting System v1.0 - SQL injection
Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...
Homematic CCU3 - Local File Inclusion
eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface. id: CVE-2019-9726 info: name: Homematic CCU3 - Local...
CVE-2026-47265
AIOHTTP prior to 3.14.0 is vulnerable: cookies provided via the cookies parameter on per-request calls are sent after following a cross-origin redirect, which may leak sensitive data if an attacker can control the redirect. Version 3.14.0 patches the issue. As a workaround, using a Cookie header ...
CVE-2026-39821 affecting package git-lfs for versions less than 3.6.1-3
CVE-2026-39821 affecting package git-lfs for versions less than 3.6.1-3. A patched version of the package is available...
CVE-2026-39821 affecting package kata-containers for versions less than 3.19.1.kata3-3
CVE-2026-39821 affecting package kata-containers for versions less than 3.19.1.kata3-3. A patched version of the package is available...
[SECURITY] [DSA 6315-1] cyborg security update
Debian Security Advisory DSA-6315-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2026 https://www.debian.org/security/faq -...
CVE-2026-41401 affecting package libyang for versions less than 2.1.148-3
CVE-2026-41401 affecting package libyang for versions less than 2.1.148-3. A patched version of the package is available...
CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3
CVE-2026-39830 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...
CVE-2026-42506 affecting package containerd2 for versions less than 2.1.6-3
CVE-2026-42506 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...
CVE-2026-39821 affecting package containerd2 for versions less than 2.1.6-3
CVE-2026-39821 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...
CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3
CVE-2026-39834 affecting package nvidia-container-toolkit for versions less than 1.17.8-3. A patched version of the package is available...
EUVD-2026-32592
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible. Upgrading to...
CVE-2026-42732
Improper Validation of Specified Quantity in Input vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded allows Input Data Manipulation. This issue affects Ads by WPQuads: from n/a through = 3.0.2...
CVE-2026-8711 affecting package nginx for versions less than 1.28.3-3
CVE-2026-8711 affecting package nginx for versions less than 1.28.3-3. A patched version of the package is available...
TeamSpeak 3 Server Resource Management Error Vulnerability
TeamSpeak 3 Server is a real-time voice communication server software developed by the TeamSpeak company. Versions of TeamSpeak 3 Server prior to 3.13.7 contained a resource management vulnerability. This vulnerability stemmed from the processresendqueue function in the Connection State Managemen...
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-121 (ALASDOCKER-2026-121)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-121 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...