80 matches found
CVE-2026-14793
A vulnerability was detected in Craft CMS up to 4.18.0.1. Affected is the function actionReorderSets of the file src/controllers/GlobalsController.php of the component reorder-sets Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. Upgrading to versio...
Important: Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2026-50129
Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18, and 4.3.24, a DoS can be triggered by Uncaught Exception vulerability, due to missing exception handling in the math sanitizer. Malformed nodes can result in a DoS of a whole server or targeted...
CVE-2026-50128
Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...
RHEL 8 : kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_143_1, and kpatch-patch-4_18_0-477_97_1 (RHSA-2026:28748)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28748 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
RHEL 8 : kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 (RHSA-2026:28749)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28749 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Moderate: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release
The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release
The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
RHEL 8 : kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 (RHSA-2026:23471)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23471 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images
Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
MiracleLinux 8 : kernel-4.18.0-553.124.4.el8_10 (AXSA:2026-707:36)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-707:36 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no ...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 security and extras update
Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
RHSA-2026:15976 Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update
Bulletin has no description...
RHCOS 4 : OpenShift Container Platform 4.18.25 (RHSA-2025:16729)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16729 advisory. - podman: Build Context Bind Mount CVE-2025-4953 Note that Nessus has not tested for this issue but has instead relied only on the...
Flexense SysGauge 安全漏洞
Flexense SysGauge is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.5.18 of Flexense SysGauge contains a security vulnerability. This vulnerability stems from a buffer overflow in the proxy...
Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release
The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
GHSA-XQ8M-7C5P-C2R6 Auth0 Next.js SDK has Improper Proxy Cache Lookup
Description In affected versions of the Next.js SDK, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Which Projects are Affected? Users are affected if they meet all of the following preconditions: -...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the ACK frame decoding. An attacker can gain elevated privileges by sending specially crafted network packets that trigger an integer underflow during frame parsing. Remediation Upgrade...