21823 matches found
MINI-XFCG-585V-RMXM
Bulletin has no description...
CVE-2026-33587
creationtimestamp| type| source ---|---|--- 2026-05-07 14:27:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlbgenzhu22n 2026-05-07 21:53:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlc7bvidfi2g...
Microsoft Partner Center Spoofing Vulnerability
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
ECHO-10F7-6099-CD97
Bulletin has no description...
ECHO-6162-09D6-162E
Bulletin has no description...
ECHO-2542-2038-6A46
Bulletin has no description...
Server-Side Request Forgery (SSRF)
Apache Neethi is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to lack of validation of URIs in the PolicyReference API, allowing applications to fetch policies from arbitrary protocols or internal addresses, enabling attackers to trigger outbound requests to internal o...
CVE-2026-42216
creationtimestamp| type| source ---|---|--- 2026-05-07 06:22:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlalbmrlgp2p...
BELL-CVE-2026-43130
Bulletin has no description...
CVE-2026-42217
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...
CVE-2026-42216
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...
CVE-2026-41142
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::resize that leads...
gittuf's policy can be rolled back to prior valid versions
Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...
GHSA-VXVC-CG7J-RWQJ gittuf's policy can be rolled back to prior valid versions
Summary An attacker with push access to gittuf's Reference State Log RSL can roll back the current policy to any previous policy trusted by the current set of root keys. Impact gittuf determines the policy to load by inspecting the RSL. Except for the very first policy which is automatically...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the RSL policy validation. An attacker can revert the system to a previous trusted state by creating a new Reference State Log entry that references an older policy, provided it i...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the RSL policy validation. An attacker can revert the system to a previous trusted state by creating a new Reference State Log entry that references an older policy, provided it i...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through the RSL policy validation. An attacker can revert the system to a previous trusted state by creating a new Reference State Log entry that references an older policy, provided it i...
EUVD-2026-28304
Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...
CVE-2026-6278
creationtimestamp| type| source ---|---|--- 2026-05-07 02:20:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mla5prthjg2v...
SUSE CVE-2026-43106
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...