CVE-2025-71305 affecting package kernel for versions less than 6.6.139.1-1

CVE-2025-71305 affecting package kernel for versions less than 6.6.139.1-1. A patched version of the package is available...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

CVE-2026-44168

Disclaimer: This data contains information about vulnerable...

SUSE CVE-2026-42245

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are...

CVE-2026-44309 vulnerabilities

Vulnerabilities for packages: cg...

CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6

CVE-2025-48431 affecting package thrift for versions less than 0.15.0-6. A patched version of the package is available...

GHSA-W3W2-MPP5-92GM vulnerabilities

Vulnerabilities for packages: geoserver...

GHSA-V9JR-RG53-9PGP vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, nextcloud-server...

GHSA-JVWF-75H9-CWGG vulnerabilities

Vulnerabilities for packages: vitess, kubeflow-centraldashboard, pulumi, renovate...

GHSA-M3W5-78CH-J8HG vulnerabilities

Vulnerabilities for packages: linux-aws, linux-vmware...

CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

GHSA-V3XG-VJWM-WV2Q vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-41492 vulnerabilities

Vulnerabilities for packages: dgraph...

CVE-2026-31702 affecting package kernel for versions less than 6.6.137.1-2

CVE-2026-31702 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...

GHSA-8G2R-HHVJ-MV99 vulnerabilities

Vulnerabilities for packages: nri-rabbitmq, kuma, terraform-provider-tls, dex, prometheus-operator, grafana-operator, zot, manifest-tool, act, timestamp-authority, kubevela, trino, http-echo, minio, sftpgo-plugin-pubsub, atlantis, redpanda, victoriametrics, dbmate, cilium, sftpgo,...

CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

CVE-2026-43344

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbeppci2phymapinit, in the nrnodeids 8 path, uncoredevicetodie may return -1 when all CPUs associated with the UBOX device are offline. Remove the WARNONONCEdieid == -1...

CVE-2026-44312 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-rails-ce-fips...