CVE-2026-22283

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2026-22283

Dell PowerFlex Manager before version 4.8 is affected by CVE-2026-22283 (Inclusion of Functionality from Untrusted Control Sphere). An unauthenticated attacker with remote access could trigger information disclosure. Affected product: Dell PowerFlex Manager; vulnerable component/behavior not furt...

CVE-2026-12199

A flaw was found in the nltk component, specifically in the nltk.app.wordnetapp. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted GET request to the WordNet Browser HTTP server when it is running in its default mode. This allows the attacker to...

Important: Red Hat Security Advisory: redhat-ds:12 security update

An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 E4S for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

CVE-2026-40641

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

EUVD-2026-37724

Dell PowerFlex Manager, versions 4.6.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

CVE-2026-40641

Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

CVE-2026-40641

CVE-2026-40641 affects Dell PowerFlex Manager, version 4.6.0.1. The vulnerability is a Use of a Broken or Risky Cryptographic Algorithm . An unauthenticated attacker with remote access could exploit it to cause information disclosure and information tampering . The CVSS metrics indicate a network...

CVE-2026-54816

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

CVE-2026-54814

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109...

Important: Red Hat Security Advisory: redhat-ds:11 security update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 E4S for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2024-47477

Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack in tandem with DNS cache poisoning...

CVE-2024-47477

CVE-2024-47477 affects Dell PowerFlex Manager prior to 4.5.1.1, with an improper certificate validation vulnerability that could allow a remote unauthenticated attacker to perform a man‑in‑the‑middle attack in tandem with DNS cache poisoning. Affected product: PowerFlex Manager. Root cause: insuf...

EUVD-2024-55639

Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack in tandem with DNS cache poisoning...

CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

CVE-2026-42055

CVE-2026-42055 affects NGINX Plus and NGINX Open Source via the ngx_http_proxy_v2_module and ngx_http_grpc_module. A remote, unauthenticated attacker can exploit scenarios where proxy_http_version 2 or grpc_pass is used, ignore_invalid_headers is off, and large_client_header_buffers is set to mul...

CVE-2026-55738 Stack Buffer Overflow in rxi/microtar raw_to_header() via non-null-terminated TAR name field

A stack-based buffer overflow exists in the rawtoheader function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width...

K000161585: NGINX ngx_http_charset_module vulnerability CVE-2026-48142

Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When content is served or proxied through a location block with both sourcecharset utf-8; and a charset directive for example, charset koi8-r ; configured, remote, unauthenticat...

EUVD-2026-37709

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109...