Critical: Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_143_1, and kpatch-patch-4_18_0-477_97_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

EUVD-2026-38630

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop...

CVE-2026-11972

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, meaning an archive could be parsed in an infinite loop...

CVE-2026-11972

CVE-2026-11972: The Python tarfile module may loop indefinitely when parsing archives opened in streaming mode (mode="r|") due to improper EOF handling. Affects the tarfile parsing path and could cause high impact availability issues; the description confirms the root cause but the connected docu...

CVE-2026-11820

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: apikey and apisecret are declared nolog=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all nolog protection. Vulnerable...

CVE-2026-11819

The CVE-2026-11819 issue affects the Ansible community.general keyring_info module. The module reads a passphrase from the OS keyring and writes it directly to result["passphrase"] without output suppression. Root cause shows protected input variable (line with no_log=True) but unprotected output...

CVE-2026-11820

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: apikey and apisecret are declared nolog=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all nolog protection. Vulnerable...

CVE-2026-56315

CVE-2026-56315 affects the Python tool picklescan until version 1.0.4, which fails to block imports from at least seven standard library modules (e.g., uuid, _osx_support, _aix_support, _pyrepl.pager, imaplib). This allows adversaries to craft pickle files that import these unblocked modules to t...

EUVD-2026-38436

Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server nuxt dev on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumerate and connect. Unprivileged co-resident users can exploit t...

EUVD-2026-38437

picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...

CVE-2026-7842

The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...

CVE-2026-7842

The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...

EUVD-2026-38416

The Infility Global Infility Global WordPress plugin before 2.15.20 for WordPress does not sanitize or validate the orderby and order parameters in the importlist, urldetail, and filedetail admin page callbacks before using them in SQL queries, allowing authenticated attackers with Editor-level...

Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

RosarioSIS 6.7.2 - Cross-Site Scripting

RosarioSIS version 6.7.2 and earlier contains a reflected cross-site scripting XSS vulnerability in the Preferences module. The 'tab' parameter in Modules.php is not properly sanitized, allowing an attacker to inject arbitrary JavaScript code via a crafted URL. id: CVE-2020-15718 info: name:...

PrestaShop lgcookieslaw - SQL Injection

The EU Cookie Law GDPR Banner + Blocker PrestaShop module before 2.1.3 allows blind SQL injection via the lglaw or lgcookieslaw cookie used to store user consent choices. id: CVE-2022-44727 info: name: PrestaShop lgcookieslaw - SQL Injection author: mastercho severity: critical description: | The...

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...

Apache HTTP Server: mod_proxy_ajp: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow

A flaw was found in modproxyajp of Apache HTTP Server. This heap-based buffer overflow vulnerability allows a remote attacker, by connecting to a malicious AJP Apache JServ Protocol server, to send a specially crafted message. This message can cause modproxyajp to write attacker-controlled data...

httpd: NULL pointer dereference via specially crafted request

A flaw was found in the moddavlock module of httpd. This vulnerability allows a remote unauthenticated attacker to crash the server due to a NULL pointer dereference via a specially crafted request...