1183 matches found
EUVD-2026-39492
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...
Security Bulletin: Multiple vulnerabilities in IBM Watsonx BI Assistant for CP4D
Summary Multiple vulnerabilities were addressed in IBM Watsonx BI Assistant for CP4D version 5.4.0 Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerab...
GHSA-VWM4-62GF-X745 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-9CV6-QCJW-4GRX vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
CVE-2026-54898 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
CVE-2026-54899 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-9PPP-W3G4-FH4Q vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-FM7P-MPRW-WJM9 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-475M-PH3X-64GP vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
CVE-2026-54903 vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
GHSA-3V45-F3VH-WG7M vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby3.3-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset...
CVE-2026-57628
Administrator SQL Injection in WP All Import = 4.0.1 versions...
WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WP All Import versions = 4.0.1...
SUSE-SU-2026:22282-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...
SUSE-SU-2026:22486-1 Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...
GHSA-6WX8-W4F5-WWCR vulnerabilities
Vulnerabilities for packages: kube-logging-operator, ruby4.0-rails, kube-fluentd-operator, ruby3.3-rails, ruby3.3-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby4.0-fluentd-kubernetes-daemonset, ruby3.4-rails, ruby3.2-fluentd-kubernetes-daemonset...
CVE-2026-48166
Filament is a collection of full-stack components for accelerated Laravel development. From 4.0.0 until 4.11.5 and 5.6.5, the login page has an observable timing discrepancy that allows unauthenticated attackers to enumerate registered email addresses. The impact is limited to disclosing whether ...
Security Bulletin: Vulnerability in flatted affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in flatted has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...
CVE-2025-62198
An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommended to upgrade to version 2.5.0, which fixes the issue...