4067 matches found
CVE-2026-23244
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...
GHSA-JR27-M4P2-RC6R vulnerabilities
Vulnerabilities for packages: ansible-operator, barman, litellm, gitlab-cng-fips, kubeflow-pipelines-visualization-server, kubeflow-pipelines, apache-beam-python-3.12-sdk, superset, kubeflow-volumes-web-app, mlflow, label-studio, metaflow-service, datadog-agent, awx, localstack,...
GHSA-QJXF-F2MG-C6MC vulnerabilities
Vulnerabilities for packages: dask-kubernetes, mitmproxy, airflow, tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
CVE-2026-26740
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size...
CVE-2026-4271
A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the...
GHSA-GMQ8-994R-JV83 vulnerabilities
Vulnerabilities for packages: code-server, renovate, opensearch-dashboards...
CVE-2026-3644
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...
GHSA-Q3VM-F267-X4QX vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-GC25-M8G6-JP4F vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-82W6-2JQH-PVW5 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3924 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3916 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3927 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-QGC5-2PJM-6X2M vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-VQFX-QX8M-7H3J vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3913 vulnerabilities
Vulnerabilities for packages: chromium...
[SECURITY] Fedora 44 Update: gstreamer1-rtsp-server-1.28.1-1.fc44
A GStreamer-based RTSP server library...
[SECURITY] Fedora 44 Update: gstreamer1-doc-1.28.1-1.fc44
GStreamer documentation...
ROS-20260313-73-0030
A vulnerability in the toatmarpd function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
GHSA-56PX-HM34-XQJ5 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines...