1842 matches found
CVE-2026-43254
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...
PT-2026-37594
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn tcp recv, we receive large cloned skbs from strp rcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...
GHSA-JRM4-4PCF-4763 ciguard: Container image runs as root (no USER directive)
Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...
OPENSUSE-SU-2026:20676-1 Security update for build, product-composer
This update for build, product-composer fixes the following issues: Changes in build: - Support a new "IgnoreRebuild" config. - build-recipe-kiwi: Add support for oci containers Avoid needlessly compressing container images Detect container images based on build result file name - Fix queryrecipe...
SUSE-SU-2026:21422-1 Security update for libsodium
This update for libsodium fixes the following issues: Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...
RowHammer Vulnerability Counter (RVC): Redefining RowHammer Detection with Victim-Centric Tracking
The Rowhammer vulnerability poses an increasing challenge with newer generations of DRAM and aggressive technology scaling. Existing mitigation techniques, such as Graphene, Twice, and Hydra, primarily rely on tracking activation counts for each row and issuing refreshes when a row reaches a...
Analysis of Personal Data Exposure in Thailand
In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...
Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation
Organisations operating within information-intensive environments face intensifying pressure to formalise the governance of information security. The ISO/IEC 27001:2022 standard provides a globally recognised framework for establishing, implementing, maintaining, and continually improving an...
Important: Red Hat Security Advisory: OpenJDK 25.0.3 Security Update for Portable Linux Builds
An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...
ALSA-2026:9683 Important: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...
Important: java-17-openjdk security update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...
RHEL 7 : java-1.8.0-openjdk (RHSA-2026:9682)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9682 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013768)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013768 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 6553...
OPENSUSE-SU-2026:20584-1 Security update for v2ray-core
This update for v2ray-core fixes the following issues: Changes in v2ray-core: - Update version to 5.47.0 Add sticky choice option for leastping Add support for enrollment links in tlsmirror Add Wireguard Outbound unreleased Add sticky choice option for leastping Generalize IP address parsing in T...
BIT-GRAFANA-2026-27877 Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
SUSE CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources’ passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Security update for salt (important)
openSUSE security update: security update for salt ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20412-1 Rating: important References: bsc1240532 bsc1246130 bsc1254325 bsc1254903 bsc1254904 bsc1254905 Cross-References: CVE-2025-13836 CVE-2025-6772...
GHSA-3Q27-7QJQ-P9C5 Grafana public dashboards disclose all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...
Grafana public dashboards disclose all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...