Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery

Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery. id: CVE-2019-18394 info: name: Ignite Realtime Openfire =4.4.3 to fix this vulnerability. reference: -...

RHSA-2026:26462 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

RHSA-2026:26428 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

RockyLinux 8 : kernel-rt (RLSA-2026:23259)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:23259 advisory. kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Tenable has extracted the preceding description block directly from t...

CVE-2026-5803

A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request...

EUVD-2026-34388

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11200

Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

SUSE-SU-2026:21956-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

SUSE-SU-2026:21958-1 Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

RHSA-2026:21745 Red Hat Security Advisory: kernel-rt security update

Bulletin has no description...

TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...

UBUNTU-CVE-2026-45919

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rtonextcpu CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kernel space. When other CPUs switch from RT to non-RT tasks, RT load...

USN-8305-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

Ubuntu Pro Realtime 22.04 LTS : Linux kernel (Intel IoTG Real-time) vulnerabilities (USN-8291-1)

The remote Ubuntu Pro Realtime 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8291-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

MAL-2026-4509 Malicious code in celonix-otp-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df58532b5edb3f7a5ad9734a7f4fa46f062c0f220d578db42a223188d078d9bb The package presents itself as a React OTP component, but its only exported widget hardcodes a single Firebase Realtime Database URL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/core: Page allocation is disabled in tasktickmmcid. With KASAN and PREEMPTRT enabled, calling taskworkadd within tasktickmmcid may cause the following crash. 63.696416 BUG: A sleeping function is called from an invalid...

Ubuntu 25.10 / Pro Realtime 24.04 LTS : Linux kernel vulnerabilities (USN-8277-1)

"The remote Ubuntu 25.10 / Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8277-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is...

ALSA-2026:19348 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

MGASA-2026-0145 Updated firefox & thunderbird packages fix security vulnerabilities

LZ4 compression library issue. CVE-2025-62813 libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. CVE-2026-32776 libexpat before 2.7.5 allows an infinite loop while parsing DTD content. CVE-2026-32777 libexpat before 2.7.5 allows a NULL pointer...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...