21896 matches found
PT-2026-34333
An insecure direct object reference IDOR vulnerability in the Fullstep V5 registration process allows authenticated users to access data belonging to other registered users through various vulnerable authenticated resources in the application. The vulnerable endpoints result from:...
PT-2026-34607
Name of the Vulnerable Software and Affected Versions OpenMcdf affected versions not specified Description OpenMcdf fails to detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file containing a cycle in the LeftSiblingID or RightSiblingID cha...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013500)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013500 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedre...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013795)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013795 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013825)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013825 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in ofdra7atlclkprobe pmruntimegetsync will increment pm usa...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013586 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: add miss release buffer head in fcdoonepass In fcdoonepass miss release buffer head after u...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013488)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013488 advisory. In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in...
UBUNTU-CVE-2026-40250
OpenEXR provides the specification and reference implementation of the...
UBUNTU-CVE-2026-39886
OpenEXR provides the specification and reference implementation of the...
kernel security update
6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
AlmaLinux 9 : kernel (ALSA-2026:8921)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:8921 advisory. kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item...
MINI-GX78-3MQQ-FV4X
Bulletin has no description...
MINI-CCGQ-CMGW-42GM
Bulletin has no description...
CVE-2026-34319
...
CVE-2026-34317
...
CVE-2026-34314
Oracle Financial Services Analytical Applications Infrastructure (OFSAAI), specifically the Platform component, is affected in versions 8.0.7.9, 8.0.8.7, and 8.1.2.5. The vulnerability allows a low-privilege, unauthenticated attacker with network access via HTTP to cause unauthorized creation, de...
CVE-2026-34308
...
CVE-2026-34305
...
CVE-2026-34302
...
CVE-2026-34298
CVE-2026-34298 affects Oracle Applications Framework within Oracle E-Business Suite, Personalization component. Affected: E-Business Suite versions 12.2.9–12.2.15. The vulnerability arises in the Personalization feature, enabling a high-privilege attacker with network access via HTTP to perform u...