7508 matches found
Vtiger CRM v7.2.0 - Directory Listing
Vtiger CRM v7.2.0 contains a directory traversal vulnerability caused by improper access controls in /libraries and /layout directories, letting attackers display hidden files and list directories, exploit requires no authentication. id: CVE-2020-19363 info: name: Vtiger CRM v7.2.0 - Directory...
PYSEC-2026-1452 Home Assistant does not correctly validate SSL for outgoing requests in core and used libs
Summary Problem: Potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. Details In the past, aiohttp-session/request had the parameter verifyssl to control SSL certificate verification. This was a boolean value. In...
PYSEC-2026-1209 Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
Security Bulletin: IBM Quantum Safe Remediator is affected by mutiple vulnerabilities
Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Remediator code base. IBM Quantum Safe Remediator has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2026-39824 DESCRIPTION:...
ROOT-OS-UBUNTU-2404-CVE-2025-21751 CVE-2025-21751 in rootio-linux - Patched by Root
Root has patched CVE-2025-21751 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
[SECURITY] Fedora 44 Update: mariadb10.11-10.11.18-2.fc44
MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...
openSUSE 16 Security Update : google-osconfig-agent (openSUSE-SU-2026:21210-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21210-1 advisory. This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too...
SUSE-SU-2026:2733-1 Security update for buildah
This update for buildah fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267179. - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE...
SUSE-SU-2026:22451-1 Security update for podman
This update for podman fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. - CVE-2026-39827: Invoking memory leak when rejecting channels can lead to Do...
CVE-2026-13165
SzafirHost verifies the downloaded native library archive with one JarFile parser reading the Central Directory but extracts native libraries with JarInputStream parser reading sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...
Important: perl-IO-Compress security update
This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 i.e. gzip and zip files/buffers. The following modules used to be distributed...
[SECURITY] Fedora 43 Update: dotnet10.0-10.0.109-1.fc43
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 44 Update: dotnet8.0-8.0.128-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 44 Update: dotnet9.0-9.0.118-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
CVE-2024-23581
CVE-2024-23581 concerns the HCL Traveler for Microsoft Outlook libraries (HTMO). The vulnerability is described as an application modification issue that causes the HTMO libraries to be flagged as potentially malicious or unrecognized applications. Reports across multiple feeds (NVD, CVE records,...
EUVD-2024-55645
The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application...
CVE-2024-23581
The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application...
CVE-2025-11919 Unprotected temporary directories in Wolfram Cloud may result in privilege escalation
The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: bzip2: bzip2-1.0.8-23.2.hum1 aarch64, x8664 bzip2-devel-1.0.8-23.2.hum1 aarch64, x8664 bzip2-libs-1.0.8-23.2.hum1 aarch64, x8664 bzip2-static-1.0.8-23.2.hum1 aarch64, x8664...
PT-2026-52967
Name of the Vulnerable Software and Affected Versions HCL Traveler for Microsoft Outlook affected versions not specified Description The HCL Traveler for Microsoft Outlook libraries are susceptible to an application modification issue, causing them to be flagged as unrecognized applications or...