openSUSE 16 Security Update : docker-stable (openSUSE-SU-2026:20366-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20366-1 advisory. - CVE-2025-58181: Fixed unbounded memory consumption. bsc1253904 - CVE-2025-30204: Fixed a bug in jwt-go which allows excessive memory allocatio...

ROS-20260319-73-0008

A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Exploit for Deserialization of Untrusted Data in Apache Activemq

Security Engineer — Test Task A self-contained Docker environ...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 — Apache HTTP Server 2.4.49 Path Traversal / RC...

Heimdall: Path received via Envoy gRPC corrupted when containing query string

Summary When using heimdall in envoy gRPC decision API mode, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. The HTTP based decision API is NOT affected, and proxy mode is NOT affected either. Note: The issue can only lead to unintended acces...

Exploit for CVE-2026-32746

autohack Autonomous security research framework. Inspired by...

Malicious code in aboba-docker-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f70d5c9dc1e1da906b5cf42b16c19dcfdb4d626d01b055abfe97d2d7e0c69a The package aboba-docker-check was found to contain malicious code...

MAL-2026-1644 Malicious code in aboba-docker-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f70d5c9dc1e1da906b5cf42b16c19dcfdb4d626d01b055abfe97d2d7e0c69a The package aboba-docker-check was found to contain malicious code...

PT-2026-26217

Name of the Vulnerable Software and Affected Versions NLTK versions 3.9.3 and prior Description NLTK Natural Language Toolkit contains a reflected cross-site scripting XSS issue in the lookup ... route of nltk.app.wordnet app. A crafted lookup URL can inject arbitrary HTML/JavaScript into the...

Security update for docker-stable (important)

openSUSE security update: security update for docker-stable ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20366-1 Rating: important References: bsc1240513 bsc1253904 bsc1254206 Cross-References: CVE-2025-30204 CVE-2025-58181 CVSS scores:...

Exploit for Code Injection in Vmware Spring_Framework

CVE-2022-22965 · Spring4Shell 취약점 교육 실습 ⚠️ 경고 Warning...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2026-1603)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2026-1575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-H5VH-M7FG-W5H6 SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets

Summary POST /api/file/globalCopyFiles reads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the workspace an...

SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets

Summary POST /api/file/globalCopyFiles reads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the workspace an...

OPENSUSE-SU-2026:20366-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2025-58181: Fixed unbounded memory consumption. bsc1253904 - CVE-2025-30204: Fixed a bug in jwt-go which allows excessive memory allocation during header parsing. bsc1240513...

EUVD-2025-208725

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

CVE-2025-10461

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...