391 matches found
BELL-CVE-2026-53099 CVE-2026-53099 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-46264 CVE-2026-46264 does not affect BellSoft software
Bulletin has no description...
CVE-2026-0428
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...
BELL-CVE-2026-46008
Bulletin has no description...
BELL-CVE-2026-45979 CVE-2026-45979 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-43388
Bulletin has no description...
BELL-CVE-2026-43369
Bulletin has no description...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @getnuvo/importer-react (>=3.3.0 <=3.6.2) +19 more potentially affected by CVE-2026-43898 via @nyariv/sandboxjs (>=0.5.3 <=0.8.36)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =3.3.0, =4.0.1, =0.0.12, =2.1.6, =2.1.6, =1.0.5, =1.0.6, =2.1.6, =2.1.6, =2.15.0, =0.2.0, =0.2.2 and more Source cves: CVE-2026-43898 Source advisory: SNYK:JS-NYARIVSANDBOXJS-16642341...
Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017606)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017606 advisory. There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg...
BELL-CVE-2025-71290
Bulletin has no description...
BELL-CVE-2026-43401
Bulletin has no description...
EUVD-2026-27864
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
CVE-2026-22009
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
CVE-2026-34629
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-5199 Cross Namespace Access via Batch Operation
A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow IDs and, for signal operations, signal names. This was due to a bu...
CLEANSTART-2026-ID24148 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0
Multiple security vulnerabilities affect the step package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-25030
Deserialization of Untrusted Data vulnerability in parkofideas Goldish goldish allows Object Injection.This issue affects Goldish: from n/a through 3.47...
BELL-CVE-2026-23376
Bulletin has no description...
BELL-CVE-2026-23275
Bulletin has no description...
Mattermost fails to verify run_create permission for empty playbookId
Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2 fail to verify runcreate permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542...