13495 matches found
EUVD-2026-44722
As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...
ROOT-APP-PYPI-CVE-2023-28370 CVE-2023-28370 in rootio-tornado - Patched by Root
Root has patched CVE-2023-28370 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...
Scoold < 1.64.0 - Authentication Bypass
Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...
CVE-2026-45363
ruby-jwt is a Ruby implementation of the RFC 7519 OAuth JSON Web Token standard. Prior to 2.10.3 and 3.2.0, JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token because OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key and no empty-key...
CVE-2026-48808
Twig’s CVE-2026-48808 describes a sandbox bypass when sandboxing is enabled via SourcePolicyInterface and the CoreExtension::column() filter is used. The issue arises because the column filter passes the active sandbox state as a boolean but does not forward the current Source to SandboxExtension...
CVE-2026-48758 sigstore-js: DSSE payloadType type-binding failure
sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 3.2.1, the preAuthEncoding function in @sigstore/core uses Node.js ascii encoding when converting the PAE string to bytes, allowing payloadType to be mutated after signing without invalidating the signature...
kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...
CVE-2026-59888
The CVE-2026-59888 issue affects Jackson Databind (Java Records) where, from 2.15.0 through 2.18.8, 2.21.4, and 3.1.4, a PropertyNamingStrategy can cause a bypass of @JsonIgnore. This occurs because POJOPropertiesCollector._removeUnwantedIgnorals() records an ignored component under its original ...
ROOT-OS-UBUNTU-2404-CVE-2025-68317 CVE-2025-68317 in rootio-linux - Patched by Root
Root has patched CVE-2025-68317 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38561 CVE-2025-38561 in rootio-linux - Patched by Root
Root has patched CVE-2025-38561 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-68364 CVE-2025-68364 in rootio-linux - Patched by Root
Root has patched CVE-2025-68364 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-46005 CVE-2026-46005 in rootio-linux - Patched by Root
Root has patched CVE-2026-46005 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43209 CVE-2026-43209 in rootio-linux - Patched by Root
Root has patched CVE-2026-43209 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38155 CVE-2025-38155 in rootio-linux - Patched by Root
Root has patched CVE-2025-38155 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40158 CVE-2025-40158 in rootio-linux - Patched by Root
Root has patched CVE-2025-40158 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39808 CVE-2025-39808 in rootio-linux - Patched by Root
Root has patched CVE-2025-39808 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38031 CVE-2025-38031 in rootio-linux - Patched by Root
Root has patched CVE-2025-38031 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-46198 CVE-2026-46198 in rootio-linux - Patched by Root
Root has patched CVE-2026-46198 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-53024 CVE-2026-53024 in rootio-linux - Patched by Root
Root has patched CVE-2026-53024 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-68179 CVE-2025-68179 in rootio-linux - Patched by Root
Root has patched CVE-2025-68179 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...