RHSA-2026:27742 Red Hat Security Advisory: postgresql18 security update

Bulletin has no description...

Important: Red Hat Security Advisory: postgresql18 security update

An update for postgresql18 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ROOT-APP-MAVEN-CVE-2026-5598 CVE-2026-5598 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2026-5598 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

CVE-2014-1807

creationtimestamp| type| source ---|---|--- 2026-06-19 16:45:35+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/61c889c7-18b4-4d45-bf5c-267490da7fa7 2026-06-23 14:04:07+00:00| exploited|...

RHSA-2026:26204 Red Hat Security Advisory: postgresql:18 security update

Bulletin has no description...

Important: Red Hat Security Advisory: postgresql:18 security update

An update for the postgresql:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

BIT-MARIADB-MIN-2026-44172 MariaDB: mysql_real_escape_string() incorrectly handled big5

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

RockyLinux 9 : postgresql:18 (RLSA-2026:26204)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26204 advisory. postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq:...

EUVD-2026-36930

Unauthenticated Cross Site Scripting XSS in WP Google Review Slider = 18.0 versions...

EUVD-2026-36757

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

EUVD-2025-210110

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

CVE-2026-6269

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to modify hidden merge requests due to incorrect...

RockyLinux 9 : bind9.18 (RLSA-2026:24368)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24368 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...

FreeBSD : OpenSSL -- Multiple vulnerabilities (259b562f-64ab-11f1-8607-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 259b562f-64ab-11f1-8607-8447094a420f advisory. The OpenSSL project reports: Eighteen vulnerabilities in OpenSSL library. Highest classificati...

RHEL 9 : bind9.18 (RHSA-2026:24934)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24934 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves...

Apple多款产品 访问控制错误漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

openSUSE 16 Security Update : postgresql18 (openSUSE-SU-2026:20901-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20901-1 advisory. This update for postgresql18 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema...

RHSA-2026:24368 Red Hat Security Advisory: bind9.18 security update

Bulletin has no description...

CVE-2026-41850 Spring Framework Algorithmic Denial of Service via SpEL Expressions

Applications that evaluate user-supplied Spring Expression Language SpEL expressions are vulnerable to an Algorithmic Denial of Service DoS. By providing a specially crafted expression, an attacker can trigger excessive resource consumption during evaluation, leading to application degradation or...

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Eighteen vulnerabilities in OpenSSL library. Highest classification High...