534 matches found
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
ROOT-OS-UBUNTU-2404-CVE-2025-71192 CVE-2025-71192 in rootio-linux - Patched by Root
Root has patched CVE-2025-71192 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2026-57351
Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...
CVE-2026-12142
CVE-2026-12142 affects the NEX-Forms – Ultimate Forms Plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the internal parameter named '_name[]' , present in all versions up to and including 9.2.2 . Root cause: insufficient input sanitization and output escaping, co...
PYSEC-2026-451 pgAdmin 4 Vulnerable to Remote Code Execution
Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint, where the highavailability parameter is unsafe...
EUVD-2026-39705
Unauthenticated Cross Site Scripting XSS in Blog2Social = 8.9.2 versions...
CVE-2026-57455
Vim (open source editor) prior to version 9.2.0698 is affected by a stack out-of-bounds write in spell_soundfold_sofo() (src/spell.c). The single-byte branch translates a word through a SOFO byte map into a caller-owned result buffer; the copy loop advances the output index with no upper bound an...
EUVD-2026-39404
In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devic...
PT-2026-52476
Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0670 Description The get text props function in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop T entries that follow. Because the count ...
Linux Distros Unpatched Vulnerability : CVE-2026-9539
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host...
CVE-2026-4610 ProfileGrid <= 5.9.9.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Message Content
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pmauthormessage' parameter in the pmsendmessagetoauthor function in all versions up to, and including, 5.9.9.2 due to insufficient input sanitization and output...
PT-2026-50783
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.2 Description This software provides hardware authentication for Linux using removable media. A race condition exists when updating a one-time pad file because a temporary file is created using the open function...
CVE-2026-46905
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2026-46907
Vulnerability in the JD Edwards EnterpriseOne Order Promising product of Oracle JD Edwards component: Order Promising Integration. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...
CVE-2026-46892
Vulnerability in the JD Edwards EnterpriseOne Human Resources Management product of Oracle JD Edwards component: Human Resources. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2026-46891
Vulnerability in the JD Edwards EnterpriseOne Accounts Payable product of Oracle JD Edwards component: Accounts Payable. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...
PT-2026-49998
Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne Accounts Payable version 9.2 Description A flaw in the Accounts Payable component allows a low-privileged attacker with network access via HTTP to compromise the system. Successful exploitation can lead to...
CVE-2026-47162
Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...
Linux Distros Unpatched Vulnerability : CVE-2026-52859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.2.0565, the updatesnapshot function in src/terminal.c copies the visible terminal screen int...
CVE-2026-34266
Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft component: Absence Management. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...