MiracleLinux 8 : httpd:2.4 (AXSA:2026-762:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-762:01 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...

Apache HTTP Server 资源管理错误漏洞

The Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. The Apache HTTP Server has a memory corruption vulnerability. Attackers can exploit this...

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

🚨 CVE-2026-4480 - Critical Remote Code Execution in Samba Prin...

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

CVE-2026-4944

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

[SECURITY] [DSA 6326-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6326-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 07, 2026 https://www.debian.org/security/faq -...

write-up

Prototype Pollution in JavaScript: The Complete Bug Bounty Hun...

Exploit for SQL Injection in Drupal

CVE-2026-9082 Unauthenticated SQL injection in Drupal Core on...

CVE-2026-7537

The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7.8.3 via the mdjmsendcommemail function. This is due to no file type, extension, or MIME type validation being performed on uploaded files. This makes it possible for...

Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service

...

Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

...

SUSE CVE-2026-10882

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10887

Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

SUSE CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

SUSE CVE-2026-10893

Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

SUSE CVE-2026-10895

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10896

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10901

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10902

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...