28 matches found
Important: Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_143_1, and kpatch-patch-4_18_0-477_97_1 (RHSA-2026:28748)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28748 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
RHEL 8 : kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 (RHSA-2026:28749)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28749 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Moderate: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 security and extras update
Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
RHSA-2026:15976 Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update
Bulletin has no description...
Flexense SysGauge 安全漏洞
Flexense SysGauge is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.5.18 of Flexense SysGauge contains a security vulnerability. This vulnerability stems from a buffer overflow in the proxy...
GHSA-R5FR-RJXR-66JC lodash vulnerable to Code Injection via `_.template` imports key names
Impact The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes untrusted input as options.imports key names, an attacker...
CVE-2026-2950
Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg only guards against string key members, so an attacker can bypass the check by...
CVE-2026-4800
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...
CVE-2026-2950
CVE-2026-2950 affects lodash ≤ 4.17.23, enabling prototype pollution via array-wrapped path segments in _.unset and _.omit. The attack can delete properties from built-in prototypes (Object.prototype, Number.prototype, String.prototype) without overwriting behavior. The issue is patched in lodash...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.35 security and extras update
Red Hat OpenShift Container Platform release 4.18.35 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
CVE-2026-27836
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint /api/webauthn/prepare creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited us...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.18.32 bug fix and security update
Red Hat OpenShift Container Platform release 4.18.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
MiracleLinux 8 : kernel-4.18.0-372.16.1.el8_6 (AXSA:2022-3815:13)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3815:13 advisory. kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 Tenable has extracted the preceding description block directly from the...
Mailjet MJML 安全漏洞
Mailjet MJML is a responsive email framework from the French company Mailjet. A security vulnerability exists in Mailjet MJML version 4.18.0 and earlier, which stems from mj-include allowing directory traversal, which could lead to testing for file existence and reading files...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update...
RHSA-2025:16455 Red Hat Security Advisory: Red Hat Product OCP Tools 4.18 Openshift Jenkins security update
Bulletin has no description...