29728 matches found
Cisco Secure Web Appliance 安全漏洞
Cisco Secure Web Appliance is an application developed by the American company Cisco. It is used to protect websites. There is a security vulnerability in Cisco Secure Web Appliance, which stems from the dynamic vector and stream engine’s improper handling of certain archive files. This...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
CVE-2026-1341
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, allowing an attacker to take full control of the device. The issue, documented across multiple sources (NVD, Red Hat, ENISA EUVD, CVE listing), indicates a network-accessible int...
CVE-2026-1341 Missing Authentication for Critical Function in Avation Light Engine Pro
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control...
EUVD-2026-5161
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-1862
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-1862
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Improper Neutralization of Special Elements Used in a Template Engine
Overview com.hubspot.jinjava:jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates at least the subset of jinja in use in HubSpot content. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a...
BIT-KYVERNO-2026-23881 Kyverno Denial of Service via Context Variable Amplification in Policy Engine
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...
*Avation Light Engine Pro *
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to take full control of the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...
PT-2026-6040
Name of the Vulnerable Software and Affected Versions Avation Light Engine Pro affected versions not specified Description Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control, granting attackers full control over critical lighting...
Avation Light Engine Pro 访问控制错误漏洞
Avation Light Engine Pro is a high-performance search and navigation enhancement plugin developed by the Australian company Avation. Avation Light Engine Pro has a security vulnerability related to access control. This vulnerability arises from the fact that its configuration and control interfac...
PT-2026-6337
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 144.0.7559.132 contained a security vulnerability caused by type confusion in the V8 engine. This vulnerability could allow exploitation through specially crafted HTML pages that exploit he...
CVE-2026-22778 vLLM leaks a heap address when PIL throws an error
vLLM is an inference and serving engine for large language models LLMs. From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guess...
GO-2026-4382 Kyverno Denial of Service via Context Variable Amplification in Policy Engine in github.com/kyverno/kyverno
Kyverno Denial of Service via Context Variable Amplification in Policy Engine in github.com/kyverno/kyverno...
CVE-2025-71189
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...
Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2026-1193)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...