19119 matches found
EyouCMS 安全漏洞
EyouCMS is an open-source content management system CMS developed by Eyou Corporation in China, based on ThinkPHP. EyouCMS versions 1.7.1 and earlier have security vulnerabilities. These vulnerabilities stem from the handling of the filename parameter in the file...
Exploit for CVE-2026-4484
CVE-2026-4484 Masteriyo LMS = 2.1.6 - Missing Authorizatio...
GHSA-CQRX-3M42-5P5W vulnerabilities
Vulnerabilities for packages: git-credential-oauth, aws-application-networking-k8s, container-object-storage-interface, dapr, mattermost, buf, knative-eventing, verticadb-operator, influx, gitlab-kas, nri-consul, kubernetes-csi-external-attacher, fuse-overlayfs-snapshotter,...
GHSA-CFP9-33RC-J74F vulnerabilities
Vulnerabilities for packages: git-credential-oauth, aws-application-networking-k8s, container-object-storage-interface, dapr, mattermost, buf, knative-eventing, verticadb-operator, influx, gitlab-kas, nri-consul, kubernetes-csi-external-attacher, fuse-overlayfs-snapshotter,...
CVE-2026-27144 vulnerabilities
Vulnerabilities for packages: git-credential-oauth, aws-application-networking-k8s, container-object-storage-interface, dapr, mattermost, buf, knative-eventing, verticadb-operator, influx, gitlab-kas, nri-consul, kubernetes-csi-external-attacher, fuse-overlayfs-snapshotter,...
CVE-2026-27143 vulnerabilities
Vulnerabilities for packages: git-credential-oauth, aws-application-networking-k8s, container-object-storage-interface, dapr, mattermost, buf, knative-eventing, verticadb-operator, influx, gitlab-kas, nri-consul, kubernetes-csi-external-attacher, fuse-overlayfs-snapshotter,...
GHSA-CQRX-3M42-5P5W vulnerabilities
Vulnerabilities for packages: net-kourier, gofumpt, longhorn-engine, coredns-fips, argo-workflows-fips, http-echo, cloud-provider-azure, terraform, apache-beam-java-sdk, gitaly, aws-flb-kinesis-fips, nats-top, percona-server-mongodb-operator, knative-eventing-fips, redka, howdy-yall,...
GHSA-CFP9-33RC-J74F vulnerabilities
Vulnerabilities for packages: net-kourier, gofumpt, longhorn-engine, coredns-fips, argo-workflows-fips, http-echo, cloud-provider-azure, terraform, apache-beam-java-sdk, gitaly, aws-flb-kinesis-fips, nats-top, percona-server-mongodb-operator, knative-eventing-fips, redka, howdy-yall,...
CVE-2026-27144 vulnerabilities
Vulnerabilities for packages: net-kourier, gofumpt, longhorn-engine, coredns-fips, argo-workflows-fips, http-echo, cloud-provider-azure, terraform, apache-beam-java-sdk, gitaly, aws-flb-kinesis-fips, nats-top, percona-server-mongodb-operator, knative-eventing-fips, redka, howdy-yall,...
CVE-2026-27143 vulnerabilities
Vulnerabilities for packages: net-kourier, gofumpt, longhorn-engine, coredns-fips, argo-workflows-fips, http-echo, cloud-provider-azure, terraform, apache-beam-java-sdk, gitaly, aws-flb-kinesis-fips, nats-top, percona-server-mongodb-operator, knative-eventing-fips, redka, howdy-yall,...
EUVD-2026-23442
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
ch.exense.commons:exense-auth-ldap (>=1.3.0 <=1.3.1), ch.exense.commons:exense-core-server (>=1.3.0 <=1.3.1) +12 more potentially affected by CVE-2026-40458 +1 more via org.pac4j:pac4j-ldap (>=4.0.0 <=4.4.0)
org.pac4j:pac4j-ldap MAVEN version =4.0.0, =1.3.0, =1.3.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =3.14.0, =1.0.0.RELEASE, =1.0.1.RELEASE Source cves: CVE-2026-40458, CVE-2026-40459 Source advisory: SNYK:JAVA-ORGPAC4J-16109662...
CVE-2026-6284
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
USN-8185-1: Linux kernel (NVIDIA) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
GHSA-XM5M-WGH2-RRG3 vulnerabilities
Vulnerabilities for packages: docker, trivy, falcoctl, tekton-chains, trivy-operator, policy-controller, tflint, goreleaser, kyverno, spire-server, kyverno-notation-aws, zot, gh, tkn, flux-source-controller, vexctl, crossplane, buildkitd, witness, sigstore-scaffolding, skaffold, kubescape,...
CVE-2026-39984 vulnerabilities
Vulnerabilities for packages: docker, trivy, falcoctl, tekton-chains, trivy-operator, policy-controller, tflint, goreleaser, kyverno, spire-server, kyverno-notation-aws, zot, gh, tkn, flux-source-controller, vexctl, crossplane, buildkitd, witness, sigstore-scaffolding, skaffold, kubescape,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007584 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fec: remove .ndopollcontroller to avoid deadlocks There is a deadlock issue found in sungem...