52721 matches found
CVE-2026-58015
A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...
UBUNTU-CVE-2026-50734
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...
UBUNTU-CVE-2026-53916
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...
CVE-2026-40987
A flaw was found in Spring Integration. A malicious or compromised FTP File Transfer Protocol, SFTP SSH File Transfer Protocol, or SMB Server Message Block server can exploit this vulnerability. This allows the server to write arbitrary files with attacker-controlled content to any location on th...
ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments
A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol IMAP client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...
CVE-2026-50734
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, and Apache ActiveMQ All allows an unauthenticated network attacker to cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The broker may allocate memor...
EUVD-2026-40282
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...
EUVD-2026-40278
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...
postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory
A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...
PT-2026-53999
Name of the Vulnerable Software and Affected Versions Invoice Ninja versions prior to 5.13.27 Description An open redirect exists in the client portal login. Unauthenticated attackers can redirect authenticated users to external URLs by injecting a malicious value into the intended query paramete...
PT-2026-53916
Name of the Vulnerable Software and Affected Versions OpenZiti versions prior to 2.0.1 Description A privilege escalation flaw exists in the controller enrollment management path. An authenticated non-admin identity with fine-grained enrollment management permissions can create enrollments for an...
PT-2026-53979
Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can bypass security controls and perform unauthorized actions. This occurs because security checks that should be enforced on the server are instead...
PT-2026-53992
Name of the Vulnerable Software and Affected Versions DCMTK affected versions not specified Description A compromised or malicious server can force a client to write files outside the designated output directory. This occurs when the client uses the bit-preserving C-GET storage mode, allowing the...
PT-2026-53874
Name of the Vulnerable Software and Affected Versions GLib affected versions not specified Description A flaw exists in the D-Bus client-side implementation of the DBUS COOKIE SHA1 SASL authentication mechanism. The system fails to validate the cookie context parameter received from the server. A...
Important: Red Hat Security Advisory: kpatch-patch-5_14_0-687_10_1 security update
An update for kpatch-patch-5140-687101 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
CVE-2026-56124
phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...
CVE-2026-58051
A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation To mitigate this issue, ensure your applications connect only to trusted and...