61303 matches found
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the solariszone module from the Ansible Community modules. When setting the name of a zone on the Solaris host, the zone name is checked by listing the process using the ‘ps’ command on the remote machine. An attacker could exploit this flaw by creating a fake zone name a...
Astra Linux – Vulnerability in Poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fixed the TOCTOU race condition in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. This chec...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a encoder check in hdcp2getcapability. Also added a encoder check in intelhdcp2getcapability to avoid null pointer errors...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete. There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency causes a...
CVE-2026-56138
AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and s2 query parameters and, prior to the fix, attempted to retrieve and compare item contents without first verifying that both referenced items existed ...
PT-2026-50895
Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.8.0 through 3.16.0 Description Improper Validation of Integrity Check Value in the jwe-decrypt plugin under default configuration allows for authentication bypass. Recommendations Upgrade to version 3.17.0...
PT-2026-50926
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...
PT-2026-50979
Name of the Vulnerable Software and Affected Versions Tilt versions 0.24.0 through 0.37.3 Description The Tilt HUD WebSocket endpoint /ws/view is susceptible to Cross-site WebSocket Hijacking CSWSH, a technique where an attacker tricks a victim's browser into establishing a WebSocket connection t...
ALSA-2026:27354 Important: kernel-rt security, bug fix, and enhancement update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip...
PT-2026-50982
Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description An arbitrary address write issue exists in the reference AV1 codec implementation. A missing bounds check in the Scalable Video Coding SVC layer ID control function allows an attacker to injec...
PT-2026-51099
Name of the Vulnerable Software and Affected Versions langflow versions prior to 1.9.1 Description An Insecure Direct Object Reference IDOR exists in the '/api/v1/responses' endpoint. This issue allows an authenticated attacker to execute any flow belonging to another user by specifying the...
CVE-2026-12049 pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated 'next' parameter
Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...
CVE-2026-12046
CVE-2026-12046: pgAdmin 4 exposes unauthenticated deserialization sink in SQL Editor close and update_connection routes (DELETE /sqleditor/close/, POST /sqleditor/initialize/sqleditor/update_connection///). Missing @pga_login_required allows unauthenticated access to pickle.loads on session['grid...
CVE-2026-47847
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...
CVE-2026-48980
The PAM module pam_usb is affected by a local-access vulnerability in earlier releases (pre-0.9.2) where getenv() in a PAM context returns attacker-controlled values for XRDP_SESSION, DISPLAY, and TMUX when the environment is manipulated by a local user. These values influence local-vs-remote ses...
CVE-2026-48980 pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic
pamusb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv environment variables XRDPSESSION, DISPLAY and TMUX allow environment variable injection into local-check logic. These environment variables influence whether a current session is local or...
CVE-2026-47847
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADBREPLICATIONUSER and MARIADBREPLICATIONPASSWORD environment variables defaulted to monitor and monitor respectively. This user...
GHSA-CF98-J28V-49V6 OpenFGA Improper Policy Enforcement
Description In OpenFGA, when MySQL is being used as the datastore, two distinct check requests can return the same response. Preconditions This applies if the following preconditions are met: 1. You run OpenFGA with MySQL as the datastore 2. Your authorization decisions rely on case-sensitive use...
SUSE-SU-2026:22159-1 Security update for distribution
This update for distribution fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265788. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation...