2851 matches found
CURL-CVE-2026-9546 sending old referer
A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result, the previous referrer string was erroneously...
CVE-2026-8705
The ClearSale Total plugin for WordPress is vulnerable to SQL Injection via the pagsegurometodo POST parameter of the clearsaletotalpush AJAX action in all versions up to, and including, 3.4.2. The handler is registered for unauthenticated users wpajaxnoprivclearsaletotalpush, and although a...
CVE-2026-8705
The CVE describes a SQL injection in the ClearSale Total WordPress plugin (versions <= 3.4.2). The vulnerability occurs via the pagseguro[metodo] POST parameter of the clearsale_total_push AJAX action, which is accessible to unauthenticated users (wp_ajax_nopriv_clearsale_total_push). Although...
EUVD-2026-38672
The ClearSale Total plugin for WordPress is vulnerable to SQL Injection via the pagsegurometodo POST parameter of the clearsaletotalpush AJAX action in all versions up to, and including, 3.4.2. The handler is registered for unauthenticated users wpajaxnoprivclearsaletotalpush, and although a...
rConfig <=3.9.4 - SQL Injection
rConfig 3.9.4 and prior has unauthenticated snippets.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10549 info: name: rConfig 3.9.4 or apply th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear the FFR context field in streaming SVE mode The FFR is a predicate register whose size can range from 16 to 256 bits, depending on the configured vector length. When saving the SVE state in streamin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the relinquished volume to be freed. The freeing of the relinquished volume will wake up the pending volume acquisition by using wakeupbit. However, this approach conflicts with waitvarevent,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nbd: defer config put in recvwork There is one UAF issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: - nbdgenlconnect // confref=2 connect and recvwork A - nbdopen // confref=3 - recvwork A completed //...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fixed the null-ptr-deref in neightableclear. When the IPv6 module is initialized, an error occurs in the middle. This results in a kernel panic with the following error message: KASAN: Nullptrderef in range...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: Truncating good inode pages when the hard link is 0 The value of the fileset for the inode copy from the disk by the reproducer is AGGRRESERVEDI. When the evict function is executed, its hard link number is 0, so its inode...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actskbmod: prevent kernel-infoleak The syzbot discovered that tcfskbmoddump was copying four bytes from the kernel stack to user space 1. The issue here is that ‘struct tcskbmod’ has a four-byte hole. We need to cle...
GHSA-VXR8-FQ34-VVX9 DOMPurify: Trusted Types policy survives `clearConfig()` and can poison later `RETURN_TRUSTED_TYPE` output
Impact A DOMPurify instance that is reused across trust boundaries can stay bound to a previously supplied TRUSTEDTYPESPOLICY even after clearConfig is called. A later caller that requests RETURNTRUSTEDTYPE receives a TrustedHTML object created by the old policy, not by a clean default...
DOMPurify: Trusted Types policy survives `clearConfig()` and can poison later `RETURN_TRUSTED_TYPE` output
Impact A DOMPurify instance that is reused across trust boundaries can stay bound to a previously supplied TRUSTEDTYPESPOLICY even after clearConfig is called. A later caller that requests RETURNTRUSTEDTYPE receives a TrustedHTML object created by the old policy, not by a clean default...
GHSA-FHV5-28VV-H8M8 PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)
!NOTE The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior rate limiting, transient errors which is beyond the attacker's control. Impact is reduced auth...
PyJWKClient unbounded JWKS endpoint requests via attacker-controlled kid values (DoS)
!NOTE The vulnerability surfaces only when a JWKS fetch fails; an attacker can attempt to provoke that with sustained unknown-kid traffic, but the outcome depends on upstream JWKS-endpoint behavior rate limiting, transient errors which is beyond the attacker's control. Impact is reduced auth...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
Critical: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
GHSA-J9RX-RPPG-6HH4 Anyquery has Path Traversal through `clear_plugin_cache`, Allowing Arbitrary Directory Deletion
Path Traversal in clearplugincache Allows Arbitrary Directory Deletion | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 | | Vulnerability | CWE-22 — Improper Limitation of a Pathname to a Restricted Directory | | Severity | High | Summa...
Anyquery has Path Traversal through `clear_plugin_cache`, Allowing Arbitrary Directory Deletion
Path Traversal in clearplugincache Allows Arbitrary Directory Deletion | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 | | Vulnerability | CWE-22 — Improper Limitation of a Pathname to a Restricted Directory | | Severity | High | Summa...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc126379...