158859 matches found
GHSA-HFFM-XVC3-VPRC vulnerabilities
Vulnerabilities for packages: renovate...
CVE-2026-45740 vulnerabilities
Vulnerabilities for packages: vitess, pulumi, langfuse, renovate, jitsucom-jitsu...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: kubeflow-centraldashboard, code-server, prism, saf, opensearch-dashboards, thingsboard, langfuse, renovate, json-server, tileserver-gl, kubeflow-pipelines, argo-workflows, sqlpad...
GHSA-HFFM-XVC3-VPRC vulnerabilities
Vulnerabilities for packages: renovate...
CVE-2026-6951 vulnerabilities
Vulnerabilities for packages: renovate...
CVE-2026-8723 vulnerabilities
Vulnerabilities for packages: renovate, tileserver-gl-fips, opensearch-dashboards-fips, tileserver-gl, opensearch-dashboards, unleash, argo-workflows, saf, thingsboard-fips, wazuh-dashboard-fips, prism, gitlab-rails-ce-fips, kubeflow-pipelines, json-server, kubeflow-centraldashboard, pelias-api,...
GHSA-Q8MJ-M7CP-5Q26 vulnerabilities
Vulnerabilities for packages: renovate, tileserver-gl-fips, opensearch-dashboards-fips, tileserver-gl, opensearch-dashboards, unleash, argo-workflows, saf, thingsboard-fips, wazuh-dashboard-fips, prism, gitlab-rails-ce-fips, kubeflow-pipelines, json-server, kubeflow-centraldashboard, pelias-api,...
GHSA-Q62F-H9X2-GCQC vulnerabilities
Vulnerabilities for packages: camunda-zeebe, camunda...
CVE-2026-41712 vulnerabilities
Vulnerabilities for packages: camunda-zeebe, camunda...
USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
CVE-2026-9572
A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...
USN-8307-1: ONNX vulnerability
It was discovered that ONNX did not properly validate paths when extracting tar archives during model downloads. An attacker could possibly use this issue to overwrite arbitrary files on the system...
CVE-2026-9567
A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...
CVE-2026-48864
A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...
CVE-2026-45835
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
EUVD-2025-209933
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...
CVE-2025-13755
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...
CVE-2025-13755 IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes DB2 Connect Server stores potentially sensitive information in log files that could be read by a local user...
CVE-2025-13755
CVE-2025-13755 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (Linux/UNIX/Windows, including Db2 Connect Server). The root cause is that the system can store potentially sensitive information in log files, which could be read by a local user, constituting a credential exposure (CWE-532). Impact ...
libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling
A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...