9793 matches found
EUVD-2026-25412
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All. An authenticated attacker can use the admin web console page to construct a malicious broker name that bypasses name validation to...
CVE-2026-41043 Apache ActiveMQ, Apache ActiveMQ Web: ActiveMQ Web Console - XSS vulnerability when browsing queues
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML instead of XML and by injecting...
CVE-2026-40466 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...
PT-2026-34871
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML instead of XML and by injecting...
Linux Distros Unpatched Vulnerability : CVE-2026-41044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All...
xfs: stop reclaim before pushing AIL during unmount
...
Security Bulletin: Vulnerability in SSSD affects IBM Netezza Appliance
Summary The SSSD package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-11561 Vulnerability Details CVEID:CVE-2025-11561 DESCRIPTION: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux...
Active Debug Code
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Active Debug Code via the git.json.php file. An attacker can obtain sensitive information, including developer email addresses, deployed commit hashes, and commit...
EUVD-2026-24864
In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...
CVE-2026-31494
In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...
CVE-2026-31455
In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...
CVE-2026-31494
Technical details for CVE-2026-31494 are not publicly provided in the supplied documents; monitor for updates.
CVE-2026-31455
CVE-2026-31455 pertains to the Linux kernel, specific to the XFS unmount path. During unmount, in xfs_unmount_flush_inodes(), the AIL is pushed while background reclaim and inodegc may still be running, which can lead to inodes being dirtied or re-queued into the AIL. The provided fix reorders th...
Exploit for Improper Input Validation in Microsoft
🚨 CVE-2026-33826: Windows Active Directory Remote Code Executi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013781)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013781 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized...
PT-2026-34360
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where the unmount sequence in the xfs unmount flush inodes function pushes the Active Item List AIL while background reclaim and inode garbage...
CVE-2026-34294
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...
CVE-2026-34294
Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware component: Microsoft Active Directory. The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via LDAP to compromise Orac...
CVE-2026-40587 blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset
blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page, or when a password reset is completed via the reset link, neither operation invalidates existing authenticated sessions for that user. A server-side session store...
CVE-2026-40587
CVE-2026-40587 affects blueprintUE. Before 4.2.0, changing a password or completing a password reset does not invalidate existing sessions; server-side session store maps userID to sessions, and password updates modify only the users table, leaving active sessions usable. Result: an attacker with...