28135 matches found
D-Link D-View 8 v2.0.1.28 - Authentication Bypass
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28 id: CVE-2023-5074 info: name: D-Link D-View 8 v2.0.1.28 - Authentication Bypass author: DhiyaneshDK severity: critical description: | Use of a static key t...
kernel security update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RockyLinux 8 : kernel (RLSA-2026:36366)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36366 advisory. kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 Tenable has extracted the preceding description block directly from the...
CVE-2026-53653
Grav (file-based web platform) contains CVE-2026-53653: unauthenticated denial of service by requesting image derivatives with oversized dimensions via URL actions like forceResize in Grav::fallbackUrl. The root cause is that request parameters are passed to ImageMedium magic actions without a di...
CVE-2026-53653 Grav: Unauthenticated denial of service via unbounded image derivative dimensions
Grav is a file-based Web platform. Prior to 1.7.53 and 2.0.0-rc.8, Grav allows an unauthenticated visitor to exhaust server memory and CPU by requesting image derivatives with oversized dimensions through URL query image actions such as forceResize in Grav::fallbackUrl, which passes request...
tomcat security, bug fix, and enhancement update
An update is available for tomcat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages...
gstreamer1-plugins-good security update
An update is available for gstreamer1-plugins-good. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of...
libtasn1 security update
An update is available for libtasn1. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A library that provides Abstract Syntax Notation One ASN.1, as specified by...
libsolv security update
An update is available for libsolv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsolv packages provide a library for resolving package dependencies usi...
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...
AlmaLinux 8 : cups (ALSA-2026:36733)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:36733 advisory. cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach lp code execution over the network CVE-2026-34980 Tenable has extracted t...
Important: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
CVE-2026-10698
CVE-2026-10698 is an Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer, specifically affecting the Custom Reports module . Affected versions are MOVEit Transfer 2025.0.0–before 2025.0.8, 2025.1.0–before 2025.1.4, and 2026.0.0–before 2026.0.1...
libreoffice security update
An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...
grafana security update
An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...
RockyLinux 8 : libreoffice (RLSA-2026:35839)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:35839 advisory. libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation CVE-2026-8357 Tenable has extracted the preceding...
MiracleLinux 8 : postgresql:16 (AXSA:2026-1199:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1199:01 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison CVE-2026-6478 postgresql: integer overflow can caus...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
giflib security update
An update is available for giflib. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list giflib is a library for reading and writing gif images. Security Fixes: giflib...
container-tools:rhel8 security, bug fix, and enhancement update
An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...