CVE-2026-56772
NewsBlur
Tridium Niagara Use of a Broken or Risky Cryptographic Algorithm (CVE-2025-3938)
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before...
CVE-2026-52940
A flaw was found in the Linux kernel's tun driver. An unprivileged user can exploit this vulnerability by setting the virtual network vnet header size to 24 bytes. This action causes the kernel to copy partially initialized stack memory to userspace when reading non-tunnel packets, leading to the...
RHSA-2026:28740 Red Hat Security Advisory: kpatch-patch-5_14_0-570_116_1, kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 security update
Bulletin has no description...
RHSA-2026:28738 Red Hat Security Advisory: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_126_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update
Bulletin has no description...
RHSA-2026:28581 Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:28247 Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update
Bulletin has no description...
CVE-2026-50193
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when an attacker sends deeply nested JSON, if and only if the service reads deeply nested JSON (1000s of levels) as JsonNode...
Important: Red Hat Security Advisory: python3.14-urllib3 security update
An update for python3.14-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
PT-2026-51594
Name of the Vulnerable Software and Affected Versions: jackson-databind versions 2.13.0 through 2.13.x. Description: A potential Denial-of-Service exists when a service reads deeply nested JSON (thousands of levels) as a JsonNode using the readTree function of ObjectMapper and subsequently writes that...
CVE-2026-54280
CVE-2026-54280 affects the AIOHTTP project (async HTTP client/server for asyncio/Python). Before version 3.14.1, payload resources may not be closed correctly if a client disconnects mid-write, allowing temporary resource starvation when a payload uses a limited resource (e.g., open files). The i...
CVE-2026-54275
CVE-2026-54275 (aiohttp) affects the aiohttp package prior to 3.14.1. The issue is a TLS server_hostname SNI check bypass that occurs when an existing connection is reused for multiple requests with different per-request server_hostname values. As a result, later requests to the same domain may r...
EUVD-2026-38179
Craft CMS versions = 5.0.0-RC1, = 4.0.0-RC1, = 4.17.7 contain an authorization bypass in the assets/preview-file endpoint. The action does not enforce per-asset view authorization before returning preview content, allowing an authenticated low-privileged user to supply a controlled assetId for an...
CVE-2026-56382
Craft CMS (composer package craftcms/cms)
CVE-2014-1807
creationtimestamp | type | source
---|---|---
2026-06-19 16:45:35+00:00 | exploited | https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/61c889c7-18b4-4d45-bf5c-267490da7fa7
2026-06-23 14:04:07+00:00 | exploited | ...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. An integer overflow bug that affects all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changi...
Astra Linux – Vulnerability in cifs-utils
In cifs-utils up to version 6.14, a stack-based buffer overflow occurs when parsing the mount.cifs ip= command-line argument. This vulnerability could allow local attackers to gain root privileges...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign normalized_pix_clk when color depth = 14. [WHY & HOW] A warning message appears: “WARNING: CPU: 4 PID: 459 at …/dc_resource.c:3397 calculate_phy_pix_clks+0xef/0x100 amdgpu”. This occurs because the condition...
Astra Linux – Vulnerability in Nasm
In libnasm.a of Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled...
Astra Linux – Vulnerability in WebKit2GTK
A logic issue has been addressed through improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4, and iPadOS 14.4. A remote attacker may be able to execute arbitrary code. Apple is aware of a report indicating...