3669 matches found
APSB26-62 : Security update available for Adobe Dreamweaver
Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and arbitrary file system read...
Adobe Dreamweaver Desktop 访问控制错误漏洞
Adobe Dreamweaver Desktop is a web design and development software provided by Adobe, a company based in America. Versions of Adobe Dreamweaver Desktop starting from 21.7 and earlier contain an access control vulnerability. This vulnerability stems from improper access control mechanisms, which m...
389 Directory Server 389-ds-base 缓冲区错误漏洞
389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from the ldaputf8prev function reading bytes from the buffer without boundary checks. This leads ...
RHEL 9 : kpatch-patch (RHSA-2026:24814)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24814 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...
CVE-2026-46302
A flaw was found in the Linux kernel's Security-Enhanced Linux SELinux policy handling. A local attacker could exploit this by opening the /sys/fs/selinux/policy file, which prevents other processes from accessing or reading the kernel's security policy. This could lead to a denial of service DoS...
ALSA-2026:24381 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786 kernel: Linux kernel: smb: client: reject...
RHEL 9 : kernel (RHSA-2026:24381)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24381 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads...
CVE-2026-11414
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...
RHEL 9 : kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 (RHSA-2026:23469)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23469 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...
CVE-2026-10717
Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect...
CVE-2026-8560
Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-41484
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collector results in an unsuccessful HTTP 4xx or 5xx response, the HttpJsonPostTransport class reads the...
CVE-2026-39885
FrontMCP is a TypeScript-first framework for the Model Context Protocol MCP. Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenA...
CVE-2026-44881
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer supports deploying stacks from Git repositories. When a...
CVE-2026-44307
A flaw was found in Mako, a Python template library. A remote attacker could exploit a directory traversal vulnerability by crafting a Uniform Resource Identifier URI with backslash traversal. This bypasses security checks, allowing the attacker to read files outside the intended template...
EUVD-2026-34899
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...
CVE-2024-2374
The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entities. This omission allows malicious actors to craft XML payloads that exploit the parser's behavior, leading to the inclusion of external resources. ...
CVE-2026-46393 HAXcms createSite SSRF Enables Arbitrary File Read
HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enablin...
ALPINE-CVE-2026-48101
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...
BIT-AIRFLOW-2026-41014 Apache Airflow: per-DAG RBAC bypass on /ui/partitioned_dag_runs endpoints
The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...