CLEANSTART-2026-VI68146 Security fixes for CVE-2025-15558, CVE-2025-47907, CVE-2025-61728, CVE-2025-61730, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2x5j-vhc8-9cwm, ghsa-6m8w-jc87-6cr7, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-vvgc-356p-c3xw applied in versions: 1.14.4-r1, 1.14.4-r2, 1.14.5-r3, 1.14.5-r4

Multiple security vulnerabilities affect the kyverno-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-28131

Insertion of Sensitive Information Into Sent Data vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Retrieve Embedded Sensitive Data.This issue affects Elementor Addon Elements: from n/a through = 1.14.4...

CVE-2025-66548

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

CVE-2024-29159 affecting package hdf5 for versions less than 1.14.4-1

CVE-2024-29159 affecting package hdf5 for versions less than 1.14.4-1. An upgraded version of the package is available that resolves this issue...

PT-2024-25892 · Unknown · Divspot Ds Site Message

Name of the Vulnerable Software and Affected Versions: divSpot DS Site Message versions 1.14.4 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to trick a user into performing unintended actions on a web application that...

DEBIAN-CVE-2023-28100

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead of TIOCSTI. If a Flatpak app is run on a Linux...

PT-2022-26933 · Shirasagi · Shirasagi

Name of the Vulnerable Software and Affected Versions: SHIRASAGI versions 1.14.4 through 1.15.0 Description: The issue allows a remote unauthenticated attacker to redirect users to an arbitrary web site, potentially conducting a phishing attack. Recommendations: For SHIRASAGI versions 1.14.4...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=2.0.0 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.0 <=3.0.4) +53 more potentially affected by CVE-2022-37022 via org.apache.geode:geode-core (>=1.0.0-incubating <=1.14.4)

org.apache.geode:geode-core MAVEN version =1.0.0-incubating, =2.0.0, =2.0.0, =2.0.0, =0.3.12, =0.3.5, =2.4.0, =1.22.0, =1.14.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.14.4 and more Source cves: CVE-2022-37022 Source advisory: OSV:GHSA-QF8G-VPWP-6579...