445963 matches found
RHSA-2026:26562 Red Hat Security Advisory: xorg-x11-server-Xwayland security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:26561 Red Hat Security Advisory: postgresql:15 security update
Bulletin has no description...
RHSA-2026:26540 Red Hat Security Advisory: valkey security update
Bulletin has no description...
RHSA-2026:26551 Red Hat Security Advisory: firefox security update
Bulletin has no description...
RHSA-2026:26539 Red Hat Security Advisory: thunderbird security update
Bulletin has no description...
RHSA-2026:26536 Red Hat Security Advisory: thunderbird security update
Bulletin has no description...
RHSA-2026:26524 Red Hat Security Advisory: postgresql:16 security update
Bulletin has no description...
RHSA-2026:26525 Red Hat Security Advisory: postgresql:16 security update
Bulletin has no description...
RHSA-2026:26521 Red Hat Security Advisory: thunderbird security update
Bulletin has no description...
RHSA-2026:26515 Red Hat Security Advisory: kernel security update
Bulletin has no description...
RHSA-2026:22934 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Bulletin has no description...
RHSA-2026:22380 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Bulletin has no description...
CVE-2026-55745
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata title, description, public/gallery flags without calling cotcheckxg ...
CVE-2026-55741
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action 'a=update' processes POST data via cotconfigupdateoptions without calling cotcheckxg to validate...
EUVD-2026-37856
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata title, description, public/gallery flags without calling cotcheckxg ...
CVE-2026-55745
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata title, description, public/gallery flags without calling cotcheckxg ...
EUVD-2026-37854
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...
CVE-2026-55742 Cotonti CSRF in admin.rights.php allows privilege escalation
Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...
CVE-2026-55742
Cotonti 1.0.0 (master, commit f43f1fc3) is vulnerable to CSRF in system/admin/admin.rights.php while performing the update action (a=update). The code path updates group access rights (including via cot_auth_add_group) without calling cot_check_xg() to validate an anti-CSRF token. A remote attack...
CVE-2026-55741
Cotonti 1.0.0 (master, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the admin configuration handler. The vulnerability occurs in system/admin/admin.config.php where the update action (a=update) processes POST data via cot_config_update_options() without calling cot_check_xg() t...