CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

CVE-2026-22646

Technical details about CVE-2026-22646 are not publicly provided in the connected documents. The materials reiterate the exposure of internal system details but do not specify affected products, versions, exploit information, or remediation.

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

PT-2026-3023

Name of the Vulnerable Software and Affected Versions Omnispace Agora Project versions prior to 25.10 Description A cross site scripting XSS issue exists in Omnispace Agora Project. This allows attackers to execute arbitrary code through the notify parameter of the file controller, which is used ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002062 advisory. Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically proximate attacke...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2025-67078

Omnispace Agora Project contains a Cross Site Scripting (XSS) vulnerability in versions prior to 25.10. The issue arises in the file controller’s notify parameter used to display errors, enabling an attacker to execute arbitrary code in the context of the affected user. The CVE is documented acro...

Juniper Networks Junos OS security vulnerabilities

Juniper Networks Junos OS is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. There were security vulnerabilities in versions of Junos OS prior to 24.4R2, as well as...

PT-2026-3013

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003018 advisory. In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory...

CVE-2025-71136 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

CVE-2025-71136

CVE-2025-71136 affects the Linux kernel’s media: adv7842 path. The vulnerability arises when cp_read() or hdmi_read() return -EIO and these values are used as indexes in arrays within adv7842_cp_log_status(), causing possible out-of-bounds accesses. The issue is resolved by adding checks on retur...

SUSE CVE-2026-0878

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

ROS-20260114-7317

A vulnerability in the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...