
46 matches found

ATTACKERKB
added 2026/05/21 8:19 p.m. | 6 views

CVE-2026-8417

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/doupdate/. The doupdate method in concrete/controllers/singlepage/dashboard/extend/update.php checks only canInstallPackages before executing upgradeCoreData and upgrade on the named...

CVSS 7.5 | AI score 5.7 | EPSS 0.00027
Exploits 0 | References 2 | Affected Software 1
Positive Technologies
added 2026/05/21 12:0 a.m. | 7 views

PT-2026-42537

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/do update/. The do update method in concrete/controllers/single page/dashboard/extend/update.php checks only canInstallPackages before executing upgradeCoreData and upgrade on the...

CVSS 7.5 | AI score 5.7 | EPSS 0.00027
Exploits 0 | References 2
CNNVD
added 2026/05/21 12:0 a.m. | 6 views

Concrete CMS cross-site request forgery vulnerability

Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS 9.5.0 and earlier contained a cross-site request forgery vulnerability. This vulnerability stemmed from the lack of validation on CSRF tokens, which could allow attackers to force administrators...

CVSS 8.8 | AI score 5.8 | EPSS 0.00027
Exploits 0 | References 1
Rockylinux
added 2025/12/20 9:3 a.m. | 4 views

nodejs:16 security, bug fix, and enhancement update

An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

CVSS 9.8 | AI score 6.9 | EPSS 0.00598
Exploits 2
Oracle linux
added 2025/08/19 12:0 a.m. | 6 views

python-zipp security update

3.20.1-2 - Make package buildable for epel=9 3.20.1-1 - Update to 3.20.1 rhbz2307990 3.20.0-1 - Update to 3.20.0 rhbz2304028 3.19.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora41MassRebuild 3.19.2-2 - Rebuilt for Python 3.13 3.19.2-1 - Update to 3.19.2 rhbz2290429 3.19.1-1 - Update to...

CVSS 6.2 | AI score 7.4 | EPSS 0.00016
Exploits 0
RedHat Linux
added 2025/07/18 9:40 a.m. | 6 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.44 packages and security update

Red Hat OpenShift Container Platform release 4.16.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

CVSS 9.1 | AI score 6.7 | EPSS 0.00302
Exploits 0 | References 2
Tenable Nessus
added 2025/04/05 12:0 a.m. | 22 views

RHEL 8 : Satellite 6.14.4.5 Async Update (Important) (RHSA-2025:3492)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3492 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

CVSS 9 | AI score 8.2 | EPSS 0.01361
Exploits 2 | References 7
Tenable Nessus
added 2024/12/13 12:0 a.m. | 13 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs18 (SUSE-SU-2024:4301-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4301-1 advisory. - CVE-2024-21538: Fixed regular expression denial of service in cross-spawn dependency bsc1233856 Other fixes: - Update to...

CVSS 8.7 | AI score 6.4 | EPSS 0.00069
Exploits 0 | References 4
OSV
added 2023/10/12 5:15 p.m. | 0 views

UBUNTU-CVE-2023-45133

Babel is a compiler for writing JavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

CVSS 9.3 | AI score 7.2 | EPSS 0.00093
Exploits 0 | References 9
Rockylinux
added 2022/11/15 6:22 a.m. | 49 views

python3.9 security, bug fix, and enhancement update

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language...

CVSS 8 | AI score 7.8 | EPSS 0.01395
Exploits 1
Oracle linux
added 2022/10/05 12:0 a.m. | 41 views

kubernetes security update

kubernetes 1.21.14-2 - Fixed kubernetes-cni version. 1.21.14-1 - Addresses CVE-2022-3172 olcne 1.4.8-2 - Updated Kubernetes package release version to 1.21.6-2 1.4.8-1 - Upgraded kubernetes-1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 1.4.7-1 - Upgrade Istio from 1.13.5 t...

AI score 7.2 | EPSS 0.03414
Exploits 2
Rockylinux
added 2022/08/09 9:35 a.m. | 52 views

galera, mariadb, and mysql-selinux security, bug fix, and enhancement update

An update is available for mysql-selinux, mariadb, galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL database...

CVSS 7.8 | AI score 7.8 | EPSS 0.00472
Exploits 29
RedHat Linux
added 2022/05/10 1:59 p.m. | 42 views

Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update

An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5 | AI score 6.6 | EPSS 0.0027
Exploits 0 | References 13
RedHat Linux
added 2021/11/09 6:32 p.m. | 42 views

Moderate: Red Hat Security Advisory: qt5 security, bug fix, and enhancement update

An update for qt5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVSS 7.1 | AI score 6.7 | EPSS 0.00062
Exploits 1 | References 33
NCSC
added 2021/08/13 12:0 a.m. | 3 views

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. The vulnerabilities allow a remote malicious party to cause a denial-of-service to potentially access sensitive data as a result. PostgreSQL has released a new version to address the vulnerabilities. fixes. More information can be found on the page...

CVSS 6.5 | AI score 6.9 | EPSS 0.09859
Exploits 3
Rockylinux
added 2021/05/18 6:7 a.m. | 39 views

userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update

An update is available for libwacom, xorg-x11-drivers, libX11, mesa, libinput, libdrm, libglvnd, xorg-x11-server, egl-wayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 7.8 | AI score 8.3 | EPSS 0.00232
Exploits 1
OSV
added 2021/02/16 7:34 a.m. | 38 views

RLSA-2021:0549 Moderate: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...

CVSS 8.1 | AI score 9 | EPSS 0.11865
Exploits 8 | References 7
Rockylinux
added 2021/02/16 7:34 a.m. | 52 views

nodejs:12 security update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for...

CVSS 9.8 | AI score 8.8 | EPSS 0.11865
Exploits 8
Rockylinux
added 2021/02/16 7:34 a.m. | 43 views

nodejs:10 security update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for...

CVSS 9.8 | AI score 7.9 | EPSS 0.11865
Exploits 8
Tenable Nessus
added 2020/11/04 12:0 a.m. | 64 views

RHEL 8 : GNOME (RHSA-2020:4451)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4451 advisory. GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version:...

CVSS 9.8 | AI score 7.7 | EPSS 0.82826
Exploits 9 | References 161