Critical: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP2)
An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 is now available (RHBQ 3.27.3.SP2). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
Astra Linux - vulnerability in xen
An issue was discovered in Xen versions 4.9 through 4.14.x. On the ARM architecture, a guest can control whether memory accesses bypass the cache. This means that Xen needs to ensure that all writes such as those during scrubbing have reached the memory before handing over the page to the guest...
Apache Camel security vulnerability
Apache Camel is an open-source integration framework based on the Enterprise Integration Pattern (EIP), developed by the Apache Foundation in the United States. This framework provides implementations of Java objects following the EIP pattern and allows routing and mediation rules to be configured...
Important: Red Hat Security Advisory: Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update.
An update for Openshift Jenkins is now available for Red Hat OpenShift Developer Tools - OpenShift Jenkins 4.14. Release of Red Hat OpenShift Developer Tools - Openshift Jenkins 4.14 security update...
CVE-2026-29955
The /registercrd endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to command injection. The component uses subprocess.Popen with shell=True parameter to execute shell commands, and the user-supplied chartName parameter is directly concatenated into the command string...
WordPress Extensions for Leaflet Map plugin <= 4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions <= 4.14...
CVE-2026-5451
CVE-2026-5451 affects the WordPress plugin Extensions for Leaflet Map. The vulnerability is a stored XSS via the elevation-track shortcode in all versions up to and including 4.14, caused by insufficient input sanitization and output escaping on user-supplied attributes. An attacker with Contrib...
CVE-2026-5451 Extensions for Leaflet Map <= 4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode
The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible f...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001641)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001641 advisory. The Linux kernel versions 4.14, 4.15, and 4.16 have a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001294 advisory. In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003155)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003155 advisory. A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiato...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002656 advisory. The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002923)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002923 advisory. In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000403 advisory. The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.14 security, enhancement & bug fix update...
Amazon Linux 2 : kernel, --advisory ALAS2-2025-3053 (ALAS-2025-3053)
The version of kernel installed on the remote host is prior to 4.14.355-280.706. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3053 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in...
CVE-2025-53234 WordPress UDesign Core plugin <= 4.14.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core allows Reflected XSS. This issue affects UDesign Core: from n/a through <= 4.14.0...
EUVD-2017-9495
Malware in sbrugna...
RHSA-2025:16461 Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update
Bulletin has no description...
Important: Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update
An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...