Lucene search
K

3522 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 4:38 a.m.7 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS6AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 9:27 a.m.4 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS6AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:49 a.m.7 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS5.8AI score0.0027EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

SUSE SLES12 Security Update : openssh8.4 (SUSE-SU-2026:2430-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2430-1 advisory. This update for openssh8.4 fixes the following issues - CVE-2026-3497: Information disclosure or denial of service due to uninitialized variabl...

8.2CVSS6.2AI score0.0218EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2395-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2395-1 advisory. This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialized variables...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/17 5:39 a.m.5 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 security and extras update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS6.5AI score0.01557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

RHEL 9 : tomcat (RHSA-2026:26323)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26323 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Certificate...

7.5CVSS5.4AI score0.00498EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 6:28 p.m.8 views

Security Bulletin: Multiple Security Vulnerabilities in Spring Framework Affect IBM Sterling B2B Integrator and IBM Sterling File Gateway

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities in Spring Framework Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patter...

7.5CVSS6.9AI score0.01916EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.22 views

PT-2026-49062

Name of the Vulnerable Software and Affected Versions Radius versions 0.57.1 and earlier Description A configuration-validation issue in the Radius Kubernetes controller allows for a Confused Deputy attack. The controller deserializes JSON data from the radapp.io/status annotation on Kubernetes...

7.7CVSS5.9AI score0.00051EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/06/11 2:1 p.m.6 views

Security update for openssh

This update for openssh fixes the following issues CVE-2026-3497: information disclosure or denial of service due to uninitialized variables bsc1259642. CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. CVE-2026-35388: omitted connection multiplexing...

7.5CVSS7.1AI score0.0218EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2026/06/11 1:56 p.m.11 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.7AI score0.00728EPSS
Exploits0References8
CVE
CVE
added 2026/06/10 3:56 p.m.21 views

CVE-2026-46616

Umbraco CMS (ASP.NET) contains an Open Redirect vulnerability in Surface Controllers used for member-related operations. Prior to versions 13.14.0 and 17.4.0, redirect URL validation fails for RedirectUrl supplied via user-controlled query parameters, allowing Razor templates to derive RedirectUr...

6.1CVSS5.4AI score0.0018EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 8:33 p.m.9 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary code. Exploitation of...

8.4CVSS6.5AI score0.00555EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/09 6:33 p.m.11 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in OSSLCMPget1rootCaKeyUpdate. An attacker with credentials that satisfy the CMP message protection checks, such as a Registration Authority, can replace the root CA certificate held by affected CMP clien...

6CVSS6.6AI score0.00262EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Chromium: CVE-2026-11034 Insufficient validation of untrusted input in Tab Group Sync

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.1CVSS5.4AI score0.00182EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Chromium: CVE-2026-11007 Insufficient validation of untrusted input in WebView

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00308EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.23 views

OpenSSL Security Advisory 20260609

OpenSSL is susceptible to multiple security vulnerabilities. A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. The Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag...

9.8CVSS5.5AI score0.02719EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2026-1776)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1776 advisory. Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from...

9.8CVSS6.5AI score0.01339EPSS
Exploits2References16
RedhatCVE
RedhatCVE
added 2026/06/07 4:52 a.m.11 views

CVE-2026-11056

An insufficient validation of untrusted input flaw was found in the SiteIsolation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498887785...

9.6CVSS5.4AI score0.00234EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.11 views

CVE-2026-48589

A flaw was found in Apache Shiro's Jakarta EE module. Insufficient validation of the HTTP Referer header, a client-controlled value, could allow an attacker to influence the redirect target after a user login. This vulnerability can be exploited to redirect users to malicious sites, potentially...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References4
Rows per page
Query Builder