12939 matches found
CVE-2025-11065 affecting package cert-manager for versions less than 1.12.15-6
CVE-2025-11065 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6
CVE-2026-1703 affecting package python-pip for versions less than 24.2-6. A patched version of the package is available...
CVE-2025-58190 affecting package cert-manager for versions less than 1.12.15-6
CVE-2025-58190 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...
CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6
CVE-2025-47911 affecting package cert-manager for versions less than 1.12.15-6. A patched version of the package is available...
CVE-2026-30962
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.6 and 8.6.19, the validation for protected fields only checks top-level query keys. By wrapping a query constraint on a protected field inside a logical operator, the check...
CVE-2026-30962
Parse Server is vulnerable prior to versions 9.5.2-alpha.6 and 8.6.19 due to a flawed protection check that only validates top-level query keys for protected fields. By wrapping a query constraint on a protected field inside a logical operator, the check is bypassed, allowing any authenticated us...
CVE-2026-30962 Parse Server has a protected fields bypass via logical query operators
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.6 and 8.6.19, the validation for protected fields only checks top-level query keys. By wrapping a query constraint on a protected field inside a logical operator, the check...
PT-2026-24455
Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 9.5.2-alpha.6 Parse Server versions prior to 8.6.19 Description Parse Server, an open source backend deployable on Node.js infrastructures, contains a flaw in its validation process for protected fields. The...
Parse Server 访问控制错误漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. Versions of Parse Server prior to 9.5.2-alpha.6 and 8.6.19 contain an access control vulnerability caused by a bypass of protected field validation, which may le...
git-lfs security update
3.6.1-7 - Rebuild with new Golang 3.6.1-6 - Rebuild with new Golang 3.6.1-5 - Rebuild with new Golang...
CVE-2025-11065 affecting package opa for versions less than 0.63.0-6
CVE-2025-11065 affecting package opa for versions less than 0.63.0-6. A patched version of the package is available...
EUVD-2026-10061
parse-server: Malformed $regex query leaks database error details in API response...
CVE-2026-29075
creationtimestamp| type| source ---|---|--- 2026-03-06 19:37:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgg2r6gwah2o 2026-03-07 10:01:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mghl2tr2r22f...
CVE-2026-28681
creationtimestamp| type| source ---|---|--- 2026-03-06 06:04:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgend7unkc2k 2026-03-06 08:07:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgeu6w36ns2f 2026-03-06 08:09:25+00:00| seen|...
Parse Server 安全漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server prior to 8.6.7 and 9.5.0-alpha.6. These vulnerabilities stemmed from incorrect $regex query...
Dell Optimizer 6.x < 6.3.1.0 Privilege Escalation (DSA-2026-094)
The version of Dell Optimizer installed on the remote host is 6.x prior to 6.3.1.0. It is, therefore, affected by a vulnerability: - An improper link resolution before file access vulnerability that could allow a low privileged attacker with local access to exploit this vulnerability, leading to...
CVE-2025-13350
Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector but backports upstream commit 8594d9b85c07 "afunix: Don’t call skbget for OOB skb". When orphaned MSGOOB sockets hit unixgc, the garbage collector still calls kfreeskb as if OOB SKBs held two references; on Ubuntu Linux 6.8 Noble...
Ubuntu: Security Advisory (USN-5376-6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update 5.1.2 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header paramete...
CVE-2026-23521
Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...