228 matches found
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: crossplane-provider-aws-rds, kueue-fips, crossplane-provider-aws-secretsmanager, crossplane-provider-aws-s3-fips, agentbeat-fips, crossplane-provider-azure-storagesync, crossplane-provider-aws-dynamodb, crossplane-provider-aws-route53resolver,...
CVE-2026-57876
An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: The su_mutex should be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cg_children list and concurrent additions/removals of userdata items through configfs. Th...
MINI-22CM-JR63-CG4R
Bulletin has no description...
GHSA-CRHJ-59GH-8X96 vulnerabilities
Vulnerabilities for packages: argo-events, zot, guac, argo-workflows-fips, google-osconfig-agent, pulumi-language-dotnet, kaniko, goreleaser, trivy-operator, trivy-fips, kyverno-fips, syft-fips, zarf, gitaly-fips, mapotf, skaffold-fips, coder, external-secrets-operator-fips, redpanda-console,...
GHSA-7RMH-48MX-2VWC vulnerabilities
Vulnerabilities for packages: cg...
GHSA-7C37-GX6W-8VC5 vulnerabilities
Vulnerabilities for packages: cg...
CVE-2026-44310 vulnerabilities
Vulnerabilities for packages: cg...
CVE-2026-44309 vulnerabilities
Vulnerabilities for packages: cg...
GHSA-M3XC-H892-GGX6 vulnerabilities
Vulnerabilities for packages: terragrunt, rancher-fleet-fips, upwind-agent, syft, argo-cd-fips, cerbos, chainloop-cli, seaweedfs-rocksdb, kyverno-fips, seaweedfs-rocksdb-fips, syft-fips, gitlab-rails-ce-fips, cg, argo-cd, skaffold-fips, gitaly, telegraf, rancher-fleet, teleport, scorecard,...
CVE-2026-44740 vulnerabilities
Vulnerabilities for packages: terragrunt, rancher-fleet-fips, upwind-agent, syft, argo-cd-fips, cerbos, chainloop-cli, seaweedfs-rocksdb, kyverno-fips, seaweedfs-rocksdb-fips, syft-fips, gitlab-rails-ce-fips, cg, argo-cd, skaffold-fips, gitaly, telegraf, rancher-fleet, teleport, scorecard,...
CVE-2026-41507 Remote Code Execution (RCE) via String Literal Injection into math-codegen
math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-5766 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-5766 Source advisory: OSV:GHSA-W26R-RMM8-9C29...
GHSA-P6X5-P4XF-CC4R Remote Code Execution (RCE) via String Literal Injection into math-codegen
Impact: String literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the parser. Any application exposing a math evaluation endpoint where user input flo...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-3902 via django (>=5.2.0 <=5.2.12)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...
MINI-V794-PHG5-CFCG
Bulletin has no description...
CVE-2026-25121 vulnerabilities
Vulnerabilities for packages: chainctl, dagdotdev, cg, amazon-ssm-agent...
CVE-2026-25122 vulnerabilities
Vulnerabilities for packages: chainctl, dagdotdev, cg, amazon-ssm-agent...
GHSA-5G94-C2WX-8PXW vulnerabilities
Vulnerabilities for packages: chainctl, dagdotdev, cg, amazon-ssm-agent...
GHSA-6P9P-Q6WH-9J89 vulnerabilities
Vulnerabilities for packages: chainctl, dagdotdev, cg, amazon-ssm-agent...