GHSA-J39J-6GW9-JW6H vulnerabilities
Vulnerabilities for packages: nushell, zed, eza, convco, sentry-cli, bat, berg...
GHSA-4RRR-2H4V-F3J9 vulnerabilities
Vulnerabilities for packages: awx, authentik-fips, label-studio, authentik...
GHSA-R2RJ-WWM5-X6MQ vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, kyverno...
CVE-2026-1285
An issue was discovered in Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The django.utils.text.Truncator.chars and Truncator.words methods with html=True, and the truncatechars_html and truncatewords_html template filters, allow a remote attacker to cause a potential denial-of-service via...
CVE-2025-61636
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4,...
GHSA-7W66-J2R2-VM3P vulnerabilities
Vulnerabilities for packages: kubernetes...
GHSA-3CMH-PCXH-6V9P vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-aws, linux-qemu, linux-azure, linux-vmware...
CVE-2026-0994 vulnerabilities
Vulnerabilities for packages: duplicity, mlflow, kserve, text-generation-inference, nemo, py3-cassandra-medusa, localstack, semgrep, litellm, py3-vllm-cuda-12.4, ghidra, dbt-bigquery, dbt-core, awx, py3-protobuf, pgadmin4-fips, metaflow-service, authentik, datadog-agent,...
CVE-2023-51797 vulnerabilities
Vulnerabilities for packages: ffmpeg...
CVE-2025-61728
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive...
GHSA-866G-X98C-RPRC vulnerabilities
Vulnerabilities for packages: kibana...
GHSA-FJJ2-X466-W3HX vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
GHSA-J56P-CX78-V9CH vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
CVE-2025-10868 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce-fips, gitlab-rails-ce, gitlab-workhorse-ce, gitlab-workhorse-ce-fips...
curl: libcurl: Curl out of bounds read for cookie path
An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...
GHSA-HG6J-8H7M-3W3J vulnerabilities
Vulnerabilities for packages: nodejs...
CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
ROS-20260128-73-0059
Vulnerability in kernel-lt related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
php: PHP Hostname Null Character Vulnerability
A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...
CVE-2025-68160
Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...