10160 matches found
OSGeo gdal 缓冲区错误漏洞
OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. Versions of OSGeo GDAL 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from a function in the Grid File Handler component, specifically the function...
python311-Django4-4.2.30-2.1 on GA media (moderate)
python311-Django4-4.2.30-2.1 on GA media Announcement ID: openSUSE-SU-2026:10708-1 Rating: moderate Cross-References: CVE-2026-35192 CVE-2026-5766 CVE-2026-6907 CVSS scores: CVE-2026-35192 SUSE : 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2026-35192 SUSE : 2.3...
[SECURITY] [DLA 4572-1] linux security update
Debian LTS Advisory DLA-4572-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings May 08, 2026 https://wiki.debian.org/LTS Package : linux Version : 5.10.251-4 CVE ID : CVE-2026-43284 CVE-2026-43500 Two vulnerabilities have been discovered in the Linux kernel that may...
GDAL 缓冲区错误漏洞
GDAL is an open-source geospatial data abstraction library developed by GDAL. Versions of GDAL 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from the operation of the parameter DataFieldName in the function GDnentries within the file...
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +538 more potentially affected by CVE-2026-44456 via hono (>=0.5.10 <=4.12.15)
hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.4, =2026.4.4, =1.0.2, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =1.3.0 and more Source cves: CVE-2026-44456 Source advisory: OSV:GHSA-9VQF-7F2P-GF9V...
CVE-2026-34001 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4
CVE-2026-34001 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4. A patched version of the package is available...
CVE-2026-34003 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4
CVE-2026-34003 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4. A patched version of the package is available...
CVE-2026-33999 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4
CVE-2026-33999 affecting package xorg-x11-server-Xwayland for versions less than 24.1.6-4. A patched version of the package is available...
RHCOS 4 : OpenShift Container Platform 4.5.27 (RHSA-2021:0034)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0034 advisory. - jenkins-2-plugins/subversion: XML parser is not preventing XML external entity XXE attacks CVE-2020-2304 -...
RHCOS 4 : OpenShift Container Platform 4.2.29 openshift (RHSA-2020:1527)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1527 advisory. - kubernetes: Use of unbounded 'client' label in apiserverrequesttotal allows for memory exhaustion CVE-2020-8552 Note that Nessus has not...
RHCOS 4 : OpenShift Container Platform 4.6.23 (RHSA-2021:0956)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0956 advisory. - golang: data race in certain net/http servers including ReverseProxy can lead to DoS CVE-2020-15586 - golang: ReadUvarint and...
RHCOS 4 : OpenShift Container Platform 4.9.25 (RHSA-2022:0860)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:0860 advisory. - CRI-O: Arbitrary code execution in cri-o via abusing kernel.corepattern kernel parameter CVE-2022-0811 Note that Nessus has not tested for...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +262 more potentially affected by CVE-2026-42266 via jupyterlab (>=4.0.0 <=4.5.6)
jupyterlab PYPI version =4.0.0, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =4.33.0, =0.6.4, =0.8.0, =1.0.1, =0.1.0, =0.5.0 and more Source cves: CVE-2026-42266 Source advisory: OSV:GHSA-37W4-HWHX-4RC4...
requests-hardened is Vulnerable to Server-Side Request Forgery
The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...
CVE-2026-44429
creationtimestamp| type| source ---|---|--- 2026-05-04 14:34:31+00:00| published-proof-of-concept| https://github.com/modelcontextprotocol/registry/security/advisories/GHSA-rqv2-m695-f8j4...
CVE-2026-7482
creationtimestamp| type| source ---|---|--- 2026-05-04 14:15:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkzuc7suqr2k 2026-05-04 14:56:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkzwkpa3ak2k 2026-05-04 21:09:36+00:00| seen|...
CVE-2026-7736
A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...
CVE-2026-7372
creationtimestamp| type| source ---|---|--- 2026-05-04 01:19:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkyiwbcqjd2w 2026-05-04 01:20:05+00:00| seen| https://bsky.app/profile/potato.software/post/3mkyixk7tez2l 2026-05-04 01:20:05+00:00| seen|...
RHCOS 4 : OpenShift Container Platform 4.11.17 (RHSA-2022:8626)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8626 advisory. - golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 - golang: net/http: handle server errors after...
RHCOS 4 : OpenShift Container Platform 4.18.6 (RHSA-2025:3068)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3068 advisory. - go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 Note that Nessus has not tested for this issue but has instead...