Lucene search
+L

1835 matches found

CVE
CVE
added 3 days ago22 views

CVE-2026-47732

Twig Sandbox: multiple __toString() policy bypasses via unguarded string coercion points existed prior to 3.26.0, enabling string coercion of Stringable operands through various constructs (conditional expressions, matches operator, loose comparisons, tests, template-loading tags, dynamic attribu...

7.1CVSS6.1AI score0.0036EPSS
Exploits0References3Affected Software1
OSV
OSV
added 4 days ago2 views

OPENSUSE-SU-2026:21325-1 Security update for cryptsetup

This update for cryptsetup fixes the following issues: Changes in cryptsetup: - Fix for bsc1270254 to avoid undesired pinning of all volume keys via the thread keyring through the caller's credentials when the kernel opens a file. This is due to the refactoring in kernel commit a28d893eb327 "md:...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/07/06 4:5 p.m.1 views

OPENSUSE-SU-2026:21265-1 Security update for cadvisor

This update for cadvisor fixes the following issues: Changes in cadvisor: - update to 0.60.3: Move OOM watching out of the lib module into the binary lib/model: make ContainerStats sub-stats pointers to convey collection presence - update to 0.60.1: cpuload/netlink: report the real error and skip...

9.6CVSS6.8AI score0.01557EPSS
Exploits2References10
Fedora
Fedora
added 2026/07/04 12:51 a.m.9 views

[SECURITY] Fedora 44 Update: os-autoinst-5^20260601git6ee8da2-1.fc44

The OS-autoinst project aims at providing a means to run fully automated tests. Especially to run tests of basic and low-level operating system components such as bootloader, kernel, installer and upgrade, which can not easily and safely be tested with other automated testing frameworks. However,...

9.8CVSS6.6AI score0.01735EPSS
Exploits0
Fedora
Fedora
added 2026/07/04 12:51 a.m.6 views

[SECURITY] Fedora 44 Update: openqa-5^20260604git6376095-3.fc44

openQA is a testing framework that allows you to test GUI applications on one hand and bootloader and kernel on the other. In both cases, it is difficult to script tests and verify the output. Output can be a popup window or it can be an error in early boot even before init is executed. openQA is...

9.8CVSS6.7AI score0.01735EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...

6.8CVSS6.3AI score0.00296EPSS
Exploits0References10
OSV
OSV
added 2026/06/29 10:57 a.m.5 views

SUSE-SU-2026:2678-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. - CVE-2026-10275: global buffer overflow duri...

6.8CVSS6AI score0.00296EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 1:22 p.m.4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: podman: podman-6.0.0-1.hum1 aarch64, x8664 podman-docker-6.0.0-1.hum1 noarch podman-machine-6.0.0-1.hum1 aarch64, x8664 podman-remote-6.0.0-1.hum1 aarch64, x8664 podman-tests-6.0.0-1.hum1 aarch64...

7.5CVSS5.8AI score0.00317EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Team: Move teamdevicetypechange to the end of teamportadd. Attempting to add a port device that is already up will, unsurprisingly, fail. However, this failure occurs before modifying the teamdeviceheaderops. In the case of the...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed inconsistencies in e4b bitmap reports An inconsistency issue with the bitmap was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures, such as:...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/06/23 12:0 a.m.7 views

skopeo security update

1:1.22.2-6 - Rebuild for CVE-2026-32283 - Resolves: RHEL-167688 1:1.22.2-5 - Rebuild for CVE-2026-25679 - Re-add test file installation to fix tier0 tests - Resolves: RHEL-158789...

7.5CVSS7.2AI score0.00621EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Oracle Linux 9 : buildah (ELSA-2026-19186)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19186 advisory. - fixes CVE-2026-34986 - Rebuild for new golang to address CVE-2025-61726 Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS6.9AI score0.01945EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : perl-DBI, perl-DBI-tests (ALAS2023-2026-1850)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1850 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of t...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References6
Fedora
Fedora
added 2026/06/21 1:11 a.m.6 views

[SECURITY] Fedora 43 Update: python3.13-3.13.14-1.fc43

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

9.1CVSS7.4AI score0.0079EPSS
Exploits0
Fedora
Fedora
added 2026/06/21 1:1 a.m.6 views

[SECURITY] Fedora 44 Update: python3.13-3.13.14-1.fc44

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

9.1CVSS7.4AI score0.0079EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/18 5:22 p.m.29 views

@acastellon/auth: Authentication bypass via spoofable headers in validateToken()

@acastellon/auth v2.2.0 appears to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for auth-user: service-brother when req.get'host'.startsWithgetHostName. Both...

8.7CVSS5.5AI score0.00543EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/18 2:12 a.m.3 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: netavark: netavark-2.0.0-1.hum1 aarch64, x8664 netavark-tests-2.0.0-1.hum1 aarch64, x8664 netavark-2.0.0-1.hum1.src src...

4.8CVSS5.9AI score0.0024EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.10 views

Siemens RUGGEDCOM RST2428P Incorrect Bitwise Shift of Integer (CVE-2025-40281)

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of- bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...

5.9AI score0.00189EPSS
Exploits0References3
OSV
OSV
added 2026/06/15 1:52 p.m.3 views

OPENSUSE-SU-2026:20986-1 Security update for perl-Crypt-SaltedHash

This update for perl-Crypt-SaltedHash fixes the following issues: Changes in perl-Crypt-SaltedHash: updated to 0.110.0 0.11 0.11 2026-05-20 14:05:07+01:00 Europe/London - Fixed metadata - Moved author tests into xt 0.10 2026-05-19 - Maintenance taken over by Robert Rothenberg - Updated the Git...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 8:50 a.m.4 views

SUSE-SU-2026:22103-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References5
Rows per page
Query Builder