CVE-2025-70458
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the...
SourceCodester Domain Availability Checker Security Vulnerabilities
SourceCodester Domain Availability Checker is an open-source domain availability checking tool developed by SourceCodester. Version 1.0 of the SourceCodester Domain Availability Checker contains a security vulnerability. This vulnerability stems from the DomainCheckerApp class using the unsafe...
OPENSUSE-SU-2026:10086-1 openCryptoki-3.26.0-4.1 on GA media
These are all security issues fixed in the openCryptoki-3.26.0-4.1 package on the GA media of openSUSE Tumbleweed...
Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.0
The 1.21.0 GA release of Red Hat OpenShift Pipelines Operator. For more details see product documentation. The 1.21.0 release of Red Hat OpenShift Pipelines Operator...
GHSA-273P-M2CW-6833 Rekor's COSE v0.0.1 entry type nil pointer dereference in Canonicalize via empty Message
Summary: Rekor’s cose v0.0.1 entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message. validate returns nil (success) when message is empty, leaving sign1Msg uninitialized, and Canonicalize later dereferences v.sign1Msg.Payload. Impa...
Azure Linux 3.0 Security Update: openjpeg2 (CVE-2020-27841)
The version of openjpeg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-27841 advisory. - There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able t...
Azure Linux 3.0 Security Update: samba (CVE-2020-27840)
The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-27840 advisory. - A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can...
Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-0927)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0927 advisory. 1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-12084)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-12084 advisory. - When building nested elements using xml.dom.minidom methods such as appendChild that have a...
OPENSUSE-SU-2026:10083-1 vlang-0.5-2.1 on GA media
These are all security issues fixed in the vlang-0.5-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-21955
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2026-0834 Logic Vulnerability on TP-Link Archer C20, Archer AX53 and TL-WR841N v13
Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 TDDP module allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger...
ROS-20260121-73-0042
A vulnerability in the nfttunnel component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
OPENSUSE-SU-2026:10078-1 python311-pyasn1-0.6.2-1.1 on GA media
These are all security issues fixed in the python311-pyasn1-0.6.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10074-1 corepack22-22.22.0-1.1 on GA media
These are all security issues fixed in the corepack22-22.22.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10073-1 alloy-1.12.2-2.1 on GA media
These are all security issues fixed in the alloy-1.12.2-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
CVE-2026-21965
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2026-21957
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...