40 matches found
CVE-2026-10634
Zephyr's native TCP stack iterates the global connection list in nettcpforeach subsys/net/ip/tcp.c using the SYSSLISTFOREACHCONTAINERSAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcplock while invoking the per-connection callback and re-acquired...
CVE-2026-10634
Zephyr's native TCP use-after-free (CVE-2026-10634) occurs in net_tcp_foreach() when the iterator releases tcp_lock before invoking the per-connection callback, allowing a concurrent tcp_conn_release() to free the next slab and cause a use-after-free on dereference. The patch moves the teardown i...
PT-2026-49241
Zephyr's native TCP stack iterates the global connection list in net tcp foreach subsys/net/ip/tcp.c using the SYS SLIST FOR EACH CONTAINER SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp lock while invoking the per-connection callback and...
BIT-KYVERNO-2026-41485 Kyverno Controller Denial of Service via forEach Mutation Panic
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
Kyverno Controller Denial of Service via forEach Mutation Panic
Summary An unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller into a persistent CrashLoopBackOff. The same bug also causes the admission controller to drop connections and blo...
CVE-2026-41485
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
CVE-2026-41485 Kyverno Controller Denial of Service via forEach Mutation Panic
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
CVE-2026-41485 Kyverno Controller Denial of Service via forEach Mutation Panic
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
CVE-2026-41485
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
CVE-2026-41485
Kyverno statement: Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler can be triggered by a user with policy creation rights, causing the cluster-wide background controller to crash into a persistent CrashLoopBackOff and the admission controller to dr...
PT-2026-34849
Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.17.2 Kyverno versions prior to 1.16.4 Description An unchecked type assertion in the forEach mutation handler allows a user with permissions to create a Policy or ClusterPolicy to cause the cluster-wide background...
OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...
EUVD-2026-20775
UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the runcommand function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...
CVE-2026-40032 UAC < 3.3.0-rc1 Command Injection via Placeholder Substitution
UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the runcommand function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...
PT-2026-31469
UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the run command function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...
cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +521 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=5.8.0 <=5.8.16)
org.springframework.security:spring-security-web MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =4.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...
Security update for mybatis, ognl
This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 Fixed an incorrect argument when...
SUSE-SU-2025:03285-1 Security update for mybatis, ognl
This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: + Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: + Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 + Fixed an incorrect argument whe...
Linux Distros Unpatched Vulnerability : CVE-2024-22562
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dictforeachkeyvalue at swftools/lib/q.c. CVE-2024-22562 Note that Nessus reli...
OESA-2025-2145 cmake security update
CMake is used to control the software compilation process using simple platform and compiler independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support comple...