74049 matches found
AWS VDP: Health check errors silently dropped when channel buffer full
Component: pkg/plugin/plugin.go:153-156, pkg/plugin/pluginv2.go:156-158 Affected Version: aws-encryption-provider @ 4341c70 all versions Found by: Source audit TLP: TLP:Amber --- Summary When KMS operations fail, the error is sent to a buffered channel healthCheckErrc, size 100 via a non-blocking...
SUSE CVE-2026-23273
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...
UltraVNC Viewer 缓冲区错误漏洞
UltraVNC Viewer is a remote desktop client developed by UltraVNC Corporation. Version 1.2.2.4 of UltraVNC Viewer contains a buffer error vulnerability. This vulnerability stems from a denial-of-service attack on the VNC Server’s input fields, which could allow attackers to cause the application t...
HeidiSQL 缓冲区错误漏洞
HeidiSQL is an open-source database management graphical interface tool developed by HeidiSQL. Version HeidiSQL 10.1.0.5464 contains a buffer error vulnerability. This vulnerability stems from a denial-of-service vulnerability in the password field, which could allow local attackers to cause the...
SUSE SLES15 Security Update : kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7 RT) (SUSE-SU-2026:0945-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0945-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: -...
OpenClaw 访问控制错误漏洞
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that stems from the BlueBubbles webhook handler containing a passwordless fallback authentication path, which can be exploited by an attacker to cause an...
Syft improper temporary file cleanup
Impact Syft versions before v1.42.3 would not properly cleanup temporary storage if the temporary storage was exhausted during a scan. When scanning archives Syft will unpack those archives into temporary storage then inspect the unpacked contents. Under normal operation Syft will remove the...
GHSA-QPC3-FG4J-8HGM Parse Server has a protected field change detection oracle via LiveQuery watch parameter
Impact An attacker can subscribe to LiveQuery with a watch parameter targeting a protected field. Although the protected field value is properly stripped from event payloads, the presence or absence of update events reveals whether the protected field changed, creating a binary oracle. For boolea...
Parse Server has a protected field change detection oracle via LiveQuery watch parameter
Impact An attacker can subscribe to LiveQuery with a watch parameter targeting a protected field. Although the protected field value is properly stripped from event payloads, the presence or absence of update events reveals whether the protected field changed, creating a binary oracle. For boolea...
GHSA-9F94-5G5W-GF6R CRL Distribution Point Scope Check Logic Error in AWS-LC
Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...
CRL Distribution Point Scope Check Logic Error in AWS-LC
Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...
CVE-2026-33312 Read-only Vikunja users can delete project background images via broken object-level authorization
Vikunja is an open-source self-hosted task management platform. Starting in version 0.20.2 and prior to version 2.2.0, the DELETE /api/v1/projects/:project/background endpoint checks CanRead permission instead of CanUpdate, allowing any user with read-only access to a project to permanently delet...
OESA-2026-1664 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code...
CVE-2026-31382
The errordescription parameter is vulnerable to Reflected XSS. An attacker can bypass the domain's WAF using a Safari-specific onpagereveal payload...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.25 fixes various security issues The following security issues were fixed: CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass...
CVE-2026-31382 Gainsight Assist reflected XSS/HTML injection
The errordescription parameter is vulnerable to Reflected XSS. An attacker can bypass the domain's WAF using a Safari-specific onpagereveal payload...
CVE-2026-31382 Gainsight Assist reflected XSS/HTML injection
The errordescription parameter is vulnerable to Reflected XSS. An attacker can bypass the domain's WAF using a Safari-specific onpagereveal payload...
CVE-2026-31382
CVE-2026-31382 (Gainsight Assist) is a reflected XSS in the error_description parameter. An attacker can bypass a domain WAF using a Safari-specific onpagereveal payload, enabling HTML/script injection. Public sources in the connected set confirm the vulnerability type as reflected XSS/HTML injec...
CVE-2026-31382
The errordescription parameter is vulnerable to Reflected XSS. An attacker can bypass the domain's WAF using a Safari-specific onpagereveal payload...
CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)
Overview Rapid7 Labs recently identified a chain of security vulnerabilities in the Gainsight Assist plugin and its interactions with the associated domain app.gainsight.com. These vulnerabilities include an Information Disclosure flaw CVE-2026-31381 and a Reflected Cross-Site Scripting XSS...