37 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.22 bug fix and security update
Red Hat OpenShift Container Platform release 4.21.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...
Astra Linux – Vulnerability in libtasn1-6
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data, resulting in a buffer overflow in asn1expendoctetstring...
PT-2026-44214
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headline' parameter in the shariff shortcode in all versions up to, and including, 4.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2026-44511
Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the...
EUVD-2026-30329
Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the...
CVE-2026-44511 Katalyst Koi: Session cookies can be replayed after user logout
Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the...
Katalyst Koi 代码问题漏洞
Katalyst Koi is an open-source framework developed by Katalyst Interactive for building and managing backend features. Versions of Katalyst Koi prior to 4.20.0 and 5.6.0 contained code vulnerabilities. These vulnerabilities stemmed from the fact that the administrator session cookie did not expir...
@beardeddudes/strapi-types (>=0.1.0 <=0.1.1), @bimbeo160/admin (=4.12.2) +70 more potentially affected by CVE-2026-22599 via @strapi/plugin-content-type-builder (>=4.0.0-next.10 <=4.26.0)
@strapi/plugin-content-type-builder NPM version =4.0.0-next.10, =0.1.0, =4.12.2, =0.0.1, =1.0.9, =1.3.2, =4.1.12, =0.2.0, =1.0.0-alpha.2, =1.1.0, =1.4.0-rc.0 - @mtcndyl/strapi-plugin-firebase-auth =1.0.3 and more Source cves: CVE-2026-22599 Source advisory:...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.20.3 bug fix release bsc1027519 jscPED-8907. CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v...
EUVD-2026-25794
JmsBinding.extractBodyFromJms in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject without applying any ObjectInputFilter, class allowlist or class denylist. Because this code path is...
WordPress Accessibility Suite by Ability, Inc plugin <= 4.20 - Authenticated (Subscriber+) SQL Injection via 'scan_id' Parameter vulnerability
Authenticated Subscriber+ SQL Injection via 'scanid' Parameter vulnerability discovered by Victor Pasman in WordPress Plugin Accessibility Suite versions = 4.20...
WordPress plugin Accessibility Suite by Ability, Inc 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.18 security and extras update
Red Hat OpenShift Container Platform release 4.20.18 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20.9 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.20.9 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.20.9 security, enhancement & bug fix update...
EUVD-2026-15557
Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...
CVE-2026-24362
CVE-2026-24362 is a concrete, vendor-confirmed vulnerability affecting Ultimate Post Kit Addons for Elementor (bdthemes Ultimate Post Kit)
RHEA-2025:4782 Red Hat Enhancement Advisory: OpenShift Container Platform 4.20.z packages update
Bulletin has no description...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update...
UBUNTU-CVE-2025-13151
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
CVE-2025-62017
CVE-2025-62017: A Missing Authorization (Broken Access Control) vulnerability affects the hogash KALLYAS WordPress Theme up to version 4.22.0. Public documentation from Red Hat and NVD confirms a Missing Authorization issue in Kallyas, with impact described as unauthorized access. The vulnerabili...