3392 matches found
CVE-2026-53181 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53185 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53189 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53195 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53196 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53147 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53149 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53205 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
CVE-2026-53198 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
GHSA-7Q5M-QV9W-C8XX vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
GHSA-8CG3-6H68-W2CJ vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-qemu, linux-aws, linux-vmware, linux-azure...
EUVD-2026-42068
An improper access check allows unauthorized users to create custom fields via webservices endpoints...
CVE-2026-13769
A flaw was found in AWS CLI. Overly permissive file permissions on Unix-like systems, where the umask has not been configured to restrict file permissions, may allow other local users on the same host to read credentials. This occurs when certain AWS CLI subcommands, such as aws codeartifact logi...
CVE-2026-56140
A flaw was found in the Apache Camel AWS SNS component camel-aws2-sns. An improper input validation vulnerability exists in the Sns2HeaderFilterStrategy due to a missing inbound filter rule. However, this component is producer-only, meaning it does not process external messages in a way that woul...
CVE-2026-56140
CVE-2026-56140 describes an improper input validation in the Apache Camel AWS SNS component (camel-aws2-sns) due to a missing inbound filter in Sns2HeaderFilterStrategy. The Red Hat/NVD entries confirm the issue is a defense-in-depth hardening change with no known exploit path because camel-aws2-...
CVE-2026-54430 Server-Site Request Forgery in liboauth2
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-54430
liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...
CVE-2026-13316
A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...
EUVD-2026-40281
A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...
CVE-2026-13316
Foreman (HTTP proxies: http_proxies_controller, http_proxy) is affected by a flaw that allows SSRF, enabling access to cloud metadata services in AWS/GCP/Azure environments via modified HTTP parameters. Root cause involves unvalidated/test_url parameters in Foreman’s configuration paths. Impact i...