52 matches found

vulnersOsv
added 2026/02/26 12:17 a.m. · 4 views

@asherng/storybook (>=0.0.18 <=0.1.14), @bluefin-exchange/starship-v2 (>=1.1.1 <=1.1.16) +32 more potentially affected by CVE-2026-27148 via storybook (>=7.0.12 <=7.6.20)

storybook NPM version =7.0.12, =0.0.18, =1.1.1, =0.0.1, =0.0.4, =1.2.108, =3.50.0-next.2, =9.0.0-next.4, =1.0.967, =0.0.1, =1.0.0, =1.2.2, =0.0.1, =0.0.1, =7.6.4-next.32, =6.0.0-canary.234, =6.0.0-canary.318 and more Source cves: CVE-2026-27148 Source advisory: SNYK:JS-STORYBOOK-15353401...

9.6 CVSS · 5.8 AI score · 0.00075 EPSS
Exploits 0
Rosalinux
added 2026/01/26 12:38 p.m. · 5 views

Advisory ROSA-SA-2026-3126

software: suricata 7.0.12 AXIS: ROSA-CHROME unaffected versions = suricata-7.0.12-1 affected versions suricata-7.0.12-1 CVE-ID: CVE-2025-59147 BDU-ID: 2025-12460 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Suricata Intrusion Detection and Prevention System is related to incorrect security...

7.5 CVSS · 5.9 AI score · 0.0005 EPSS
Exploits 0
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-26264

Malicious code in bioql PyPI...

8.2 CVSS · 8.1 AI score · 0.00091 EPSS
Exploits 0 · References 1
Debian CVE
added 2025/10/01 7:27 p.m. · 5 views

CVE-2025-59147

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with...

7.5 CVSS · 5.2 AI score · 0.0005 EPSS
Exploits 0
OSV
added 2025/10/01 7:27 p.m. · 1 views

CVE-2025-59147 Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with...

7.5 CVSS · 6.4 AI score · 0.0005 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2025/08/21 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-22100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.12. Easily...

7.9 CVSS · 7.2 AI score · 0.00162 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2025/08/12 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-24834

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and...

8.8 CVSS · 6.9 AI score · 0.45527 EPSS
Exploits 1 · References 2
RedhatCVE
added 2025/05/23 5:52 a.m. · 1 views

CVE-2023-22100

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

7.9 CVSS · 6.3 AI score · 0.00162 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/01/14 12:0 a.m. · 1 views

PT-2025-2438 · Fortinet · Fortimanager +3

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 6.4.0 through 6.4.14 FortiAnalyzer versions 7.0.0 through 7.0.12 FortiAnalyzer versions 7.2.0 through 7.2.5 FortiAnalyzer versions 7.4.0 through 7.4.3 FortiAnalyzer Cloud versions 6.4.1 through 6.4.7 FortiAnalyzer Cloud...

9.8 CVSS · 8.3 AI score · 0.00166 EPSS
Exploits 0 · References 5
Metasploit
added 2024/12/03 6:58 p.m. · 370 views

Fortinet FortiManager Unauthenticated RCE

This module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are: 7.6.0 7.4.0 through 7.4.4 7.2.0 through 7.2.7 7.0.0 through 7.0.12 6.4.0 through 6.4.14...

9.8 CVSS · 9.8 AI score · 0.93874 EPSS
Exploits 7
OSV
added 2024/11/12 7:15 p.m. · 0 views

CVE-2024-36507

An untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and social engineering...

7.8 CVSS · 6 AI score
Exploits 0 · References 1
Positive Technologies
added 2024/11/12 12:0 a.m. · 1 views

PT-2024-25282 · Fortinet · Fortimanager +1

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 6.4.0 through 6.4.14 FortiAnalyzer versions 7.0.0 through 7.0.12 FortiAnalyzer versions 7.2.0 through 7.2.5 FortiAnalyzer versions 7.4.0 through 7.4.2 FortiManager versions 6.4.0 through 6.4.14 FortiManager versions 7.0...

7.3 CVSS · 8 AI score · 0.00269 EPSS
Exploits 0 · References 6
Positive Technologies
added 2024/11/12 12:0 a.m. · 2 views

PT-2024-27041 · Fortinet · Forticlientwindows

Name of the Vulnerable Software and Affected Versions: FortiClient Windows versions 7.2.4 and below FortiClient Windows version 7.0.12 and below FortiClient Windows version 6.4 Description: A privilege context switching error vulnerability in FortiClient Windows may allow an authenticated user to...

8.8 CVSS · 7.3 AI score · 0.00168 EPSS
Exploits 0 · References 8
Tenable Nessus
added 2024/09/22 12:0 a.m. · 24 views

GLSA-202409-11 : Oracle VirtualBox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-11 Oracle VirtualBox: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Oracle VirtualBox. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding...

8.2 CVSS · 7.6 AI score · 0.03677 EPSS
Exploits 1 · References 5
Positive Technologies
added 2024/09/10 12:0 a.m. · 1 views

PT-2024-9818 · Fortinet · Forticlientems

Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientEMS versions 7.0.0 through 7.0.12 Fortinet FortiClientEMS versions 7.2.0 through 7.2.4 Description: The issue is related to an improper neutralization of special elements used in a command, also known as a 'Command...

7.5 CVSS · 7.9 AI score · 0.01573 EPSS
Exploits 0 · References 10
OSV
added 2024/08/22 7:44 p.m. · 21 views

BIT-VALKEY-2022-24834 Heap overflow issue with the Lua cjson library used by Redis

Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...

8.8 CVSS · 8.1 AI score · 0.45527 EPSS
Exploits 1 · References 5
OSV
added 2024/08/22 7:41 p.m. · 17 views

BIT-VALKEY-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis

Redis is an in-memory database that persists on disk. In Redis 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

8.8 CVSS · 8.5 AI score · 0.88997 EPSS
Exploits 0 · References 6
OSV
added 2024/03/06 11:6 a.m. · 38 views

BIT-REDIS-2022-24834 Heap overflow issue with the Lua cjson library used by Redis

Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support,...

8.8 CVSS · 8.1 AI score · 0.45527 EPSS
Exploits 1 · References 5
OSV
added 2024/03/06 11:3 a.m. · 24 views

BIT-REDIS-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis

Redis is an in-memory database that persists on disk. In Redis 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

8.8 CVSS · 8.5 AI score · 0.88997 EPSS
Exploits 0 · References 6
OpenVAS
added 2023/12/04 12:0 a.m. · 21 views

Mageia: Security Advisory (MGASA-2023-0335)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2 CVSS · 8 AI score · 0.03677 EPSS
Exploits 1 · References 6