170 matches found
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: spicedb, crossplane-provider-aws-inspector, kor, crossplane-provider-aws-vpclattice-fips, cluster-api-provider-vsphere, pinact, crossplane-provider-aws-cloudtrail, crossplane-provider-aws-wafregional, crossplane-provider-aws-pinpoint,...
CVE-2026-42505 vulnerabilities
Vulnerabilities for packages: spicedb, crossplane-provider-aws-inspector, kor, crossplane-provider-aws-vpclattice-fips, cluster-api-provider-vsphere, pinact, crossplane-provider-aws-cloudtrail, crossplane-provider-aws-wafregional, crossplane-provider-aws-pinpoint,...
GHSA-R56H-J38W-HRQQ vulnerabilities
Vulnerabilities for packages: longhorn-share-manager, longhorn-share-manager-fips, eks-distro, argo-cd-fips, azurefile-csi-fips, azuredisk-csi, longhorn-manager-fips, rke2-runtime-fips, harvester-fips, cluster-autoscaler-fips, kubernetes-csi-driver-hostpath, rancher-system-agent, longhorn-manager...
CVE-2024-7598 vulnerabilities
Vulnerabilities for packages: longhorn-share-manager, longhorn-share-manager-fips, eks-distro, argo-cd-fips, azurefile-csi-fips, azuredisk-csi, longhorn-manager-fips, rke2-runtime-fips, harvester-fips, cluster-autoscaler-fips, kubernetes-csi-driver-hostpath, rancher-system-agent, longhorn-manager...
Linux Distros Unpatched Vulnerability : CVE-2026-53044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc/tegra: cbb: Fix incorrect ARRAYSIZE in fabric lookup tables Fix incorrect ARRAYSIZE usage in fabric lookup tables which could cause out-of-bounds access...
PT-2026-48397
Name of the Vulnerable Software and Affected Versions Debusine affected versions not specified Description Debusine uses a parser to read Debian source packages .dsc and upload artifacts .changes, which are manifest files listing the components of an artifact. This parser accepts arbitrary paths...
Linux Distros Unpatched Vulnerability : CVE-2026-45073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, PdoAdapter::doCle...
PT-2026-36686
Pre-show: Two thirds of your hosts are sick 🤧 Follow-up: Backblaze & cloud backups Carbon Copy Cloner & Backblaze via Barry Rubenstein Support document Maestral Arq’s approach via Daniel Luz Neo-ing… other things Mythos What makes this different via William Moran GPT-5.5 is equivalent? cURL...
Exploit for CVE-2026-31431
copy-fail-fix Per-distro mitigation scripts for CVE-2026-314...
[SECURITY] Fedora 42 Update: PackageKit-1.3.4-3.fc42
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
[SECURITY] Fedora 43 Update: PackageKit-1.3.4-3.fc43
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
[SECURITY] [DLA 4548-1] distro-info-data database update
Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera April 25, 2026 https://wiki.debian.org/LTS Package : distro-info-data Version : 0.51+deb11u11 This is a routine update of the distro-info-data database for Debian LTS users. It updates t...
Debian dla-4548 : distro-info-data - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4548 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] Fedora 44 Update: PackageKit-1.3.4-3.fc44
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
Linux Distros Unpatched Vulnerability : CVE-2026-3939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF fil...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: cluster-api-aws-controller-fips, qemu-guesthelper, bom, minio-object-browser, spicedb, step-fips, knative-net-istio-fips, kyverno-policy-reporter-fips, cluster-api-provider-vsphere, terraform-provider-google, cluster-api-helm-controller-fips,...
CVE-2025-11224
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality...
CVE-2021-31828
An SSRF issue in Open Distro for Elasticsearch ODFE before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Alerting plugin's intended scope...
GHSA-56W8-48FP-6MGV vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, rke2-runtime-fips, gitlab-rails-ce-fips, consul-k8s, falco-no-driver, cert-manager-fips, backup-restore-operator, terraform, k3s, vault...
CVE-2025-47913 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, rke2-runtime-fips, gitlab-rails-ce-fips, consul-k8s, falco-no-driver, cert-manager-fips, backup-restore-operator, terraform, k3s, vault...