24 matches found
RHEL 9 : kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 (RHSA-2026:23468)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23468 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...
SUSE SLES15 Security Update : kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1000-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1000-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.97 fixes various security issues The following security issues were fixed: -...
RHSA-2026:2109 Red Hat Security Advisory: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_44_1, kpatch-patch-5_14_0-427_55_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update
Bulletin has no description...
PT-2026-7943
Name of the Vulnerable Software and Affected Versions Solspace Freeform plugin for Craft CMS versions 5.0 through 5.14.6 Description A low-privilege authenticated user with form creation/editing permissions can inject arbitrary HTML and JavaScript code into the Craft Control Panel builder and...
CVE-2025-64757 Astro Development Server is Vulnerable to Arbitrary Local File Read
Astro is a web framework. Prior to version 5.14.3, a vulnerability has been identified in the Astro framework's development server that allows arbitrary local file read access through the image optimization endpoint. The vulnerability affects Astro development environments and allows remote...
CVE-2025-64326
Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed i...
CVE-2025-64326
Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed i...
PYSEC-2025-230
Weblate is a web based localization tool. In versions 5.14 and below, Weblate leaks the IP address of the project member inviting the user to the project in the audit log. The audit log includes IP addresses from admin-triggered actions, which can be viewed by invited users. This issue is fixed i...
CVE-2025-64326
Weblate (web-based localization tool) versions 5.14 and earlier leak the inviting user’s IP address in the audit log, which can be viewed by invited project members. The root cause is exposure of IPs in admin-triggered actions within the audit log. The issue is fixed in Weblate 5.14.1. Affected p...
EUVD-2025-32549
python-socketio vulnerable to arbitrary Python code execution RCE through malicious pickle deserialization in certain multi-server deployments...
CLSA-2025-1757148344 Update of kernel
Rebased FIPS patches to 5.14.0-570.35.1...
CLSA-2025-1752189542 Update of kernel
Rebased FIPS patches to 5.14.0-570.25.1...
CVE-2023-32598
Unauth. Reflected Cross-Site Scripting XSS vulnerability in A. R. Jones Featured Image Pro Post Grid plugin = 5.14 versions...
WordPress plugin Featured Image Pro Post Grid 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
Zoom Client Security Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Client version 5.14.10, which stemmed from a client-side implementation issue with server-side security...
Zoom Rooms 安全漏洞
Zoom Rooms is a software-based conferencing system from Zoom USA. A system that allows web conferencing on fixed endpoints, similar to traditional video conferencing systems. A security vulnerability exists in Zoom Rooms prior to version 5.14.5 that stems from improper privilege management. It...
Zoom Client 缓冲区错误漏洞
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom for Windows clients prior to version 5.14.0, which stems from an incorrect operation limit in the memory buffer...
Vulnerabilities fixed in Zoom
Zoom has fixed vulnerabilities in the Zoom client for Windows and macOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to grant themselves elevated privileges granted or gain access to sensitive information. Zoom has released updates to fix the vulnerabilities ...
Dell EMC SCG Policy Manager Information Disclosure Vulnerability
Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, Inc. An information disclosure vulnerability exists in Dell EMC SCG Policy Manager version 5.14, which stems from insufficient protection of sensitive information in the upgrade path from SRS to SCG, and can be...
SUSE CVE-2020-0570
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access...