12 matches found
RHCOS 4 : OpenShift Container Platform 4.4.8 openshift (RHSA-2020:2448)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2448 advisory. - kubernetes: Server side request forgery SSRF in kube-controller-manager allows users to leak secret information CVE-2020-8555 Note that...
CVE-2026-4448
creationtimestamp| type| source ---|---|--- 2026-03-22 04:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhmnvf5btp25 2026-03-24 01:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260324...
MiracleLinux 9 : dotnet6.0-6.0.123-1.el9.ML.1 (AXSA:2023-6529:25)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6529:25 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
PT-2025-42913
Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.4.8 Mastodon versions 4.4.0 through 4.4.7 Mastodon versions prior to 4.5.0-beta.2 Description Mastodon is a free, open-source social network server based on ActivityPub. A flaw exists where an attacker can bypass...
EUVD-2025-31350
Malicious code in bioql PyPI...
CVE-2025-59842
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to version 4.4.8, links generated with LaTeX typesetters in Markdown files and Markdown cells in JupyterLab and Jupyter Notebook did not include the noopener...
OESA-2025-2264 wireshark security update
Security Fixes: A vulnerability classified as problematic CWE-476 has been found in Wireshark versions 4.4.0 to 4.4.8. The application dereferences a pointer that it expects to be valid but is NULL, typically causing a crash or exit, impacting availability. Upgrading to version 4.4.9 eliminates...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in axios-1.6.1.tgz
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of axios-1.6.1.tgz Vulnerability Details CVEID:CVE-2025-27152 DESCRIPTION: axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to...
CVE-2024-40744
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...
Important: dotnet6.0
Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 Affected Packages: dotnet6.0 Issue Correction: Run dnf update dotnet6.0...
Juniper Networks Junos OS 资源管理错误漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A resource management error vulnerability exists in the Juniper Networks Junos OS, which arises from an uncontrolled...
OPENSUSE-SU-2021:1426-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. bsc1183709 - CVE-2020-14312: Set --local-service by default bsc1173646. - Open inotify socket only when used bsc1180914. This update w...