3674 matches found
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.
The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...
CVE-2026-61861 ImageMagick before 7.1.2-26 Use-After-Free in FormatMagickCaption
ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...
CVE-2026-57217
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup errors from Khepri can collapse to undefined, which the internal backe...
ROS-20260708-73-0048
The vulnerability in dovecot is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...
PYSEC-2026-784 Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...
DEBIAN-CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
CVE-2026-9699
Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...
CVE-2026-9699
Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...
[SECURITY] Fedora 44 Update: goose-1.36.0-1.fc44
Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...
ROS-20260625-73-0004
The vulnerability in gnutls is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...
ROS-20260625-73-0002
The vulnerability in gnutls is related to errors in processing parameter values related to input data length. Exploiting this vulnerability can allow a remote attacker to cause service failures...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: bcm-sba-raid: Fixed a device leak during probe failures and when the driver unbind the device. Make sure to remove the references made when looking up the mailbox device during probe failures and when the driver...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: drm/imx/tve: fixed the probe device leak. Make sure to remove the reference to the DDC device during probe operations when there is a probe failure e.g., probe deferral, as well as during the driver unbinding process...
EUVD-2026-38752
Capgo before 12.128.2 contains a denial of service vulnerability in the /auth/v1/otp endpoint that prevents email verification for two-factor authentication due to captcha validation failures. Authenticated users cannot complete 2FA enrollment as the backend consistently returns HTTP 500 errors...
EUVD-2026-38239
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
kernel: bnxt_en: Fix RSS context delete logic
A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...
The vulnerability in the Graphics component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to cause a service failure.
The vulnerability of the Graphics component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing of unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
ROS-20260622-73-0036
The vulnerability of the consumePhrase function in the Go programming language is related to insufficient validation of input data during the analysis of email addresses. Exploiting this vulnerability could allow a remote attacker to cause service failures...
ROS-20260622-73-0021
The vulnerability in Thunderbird is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...
ROS-20260622-73-0018
The vulnerability in Firefox is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service failures...