CVE-2026-48758 vulnerabilities
Vulnerabilities for packages: pulumi...
GHSA-JFC7-64V2-MR8C vulnerabilities
Vulnerabilities for packages: pulumi...
EUVD-2026-40564
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40508
Inappropriate implementation in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...
CVE-2026-13961
Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security...
CVE-2026-14117
The CVE-2026-14117 entry concerns Google Chrome’s DevTools on Windows prior to version 150.0.7871.47. The vulnerability is described as insufficient validation of untrusted input in DevTools, which could enable a remote attacker to obtain potentially sensitive information from process memory when...
CVE-2026-14113
CVE-2026-14113 affects Google Chrome on Windows prior to 150.0.7871.47, where a use-after-free in the Updater component could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. The vulnerability is tracked in the Chrom...
CVE-2026-13875
Chrome on Windows is affected by CVE-2026-13875 due to insufficient validation of untrusted input in the GPU, enabling a renderer-compromised attacker to potentially read process memory via a crafted HTML page. The issue is tied to Chromium-based Chrome and is reported as a Medium-severity vulner...
CVE-2026-56224
Capgo: vulnerability in console.capgo.app/login prior to version 12.128.2 allows access_token and refresh_token to be accepted in URL query parameters, leading to automatic user authentication without user confirmation. Practically, an attacker can craft a malicious link that lures a victim into ...
CVE-2026-58447
Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...
CVE-2026-44160 vulnerabilities
Vulnerabilities for packages: kube-fluentd-operator, ruby4.0-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-fluentd-kubernetes-daemonset...
GHSA-PR7J-96CJ-549H vulnerabilities
Vulnerabilities for packages: kube-fluentd-operator, ruby4.0-fluentd-kubernetes-daemonset, ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-fluentd-kubernetes-daemonset...
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.15.3 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by javitoia in WordPress Plugin GiveWP versions <= 4.15.3...
EUVD-2026-40375
DeepTutor before version 1.4.10 contains an authorization bypass vulnerability that allows low-privilege users to invoke unrestricted MCP tools due to the allowedmcptools function returning None instead of a denied result when mcptools is omitted from a user's grant in...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.3 bug fix and security update
Red Hat OpenShift Container Platform release 4.22.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.27 bug fix and security update
Red Hat OpenShift Container Platform release 4.20.27 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.3 security and extras update
Red Hat OpenShift Container Platform release 4.22.3 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...
CVE-2026-13316
A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.22 bug fix and security update
Red Hat OpenShift Container Platform release 4.21.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...