482008 matches found
CVE-2026-12023 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12022 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12020 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12019 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12017 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12016 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12015 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12014 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12012 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12010 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12009 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12008 vulnerabilities
Vulnerabilities for packages: chromium...
Security update for container-suseconnect
This update for container-suseconnect rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product:...
tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation
A flaw was found in Apache Tomcat. When an Online Certificate Status Protocol OCSP responder is used, the Tomcat Native component, and Tomcat's FFM port of the Tomcat Native code, does not properly verify or check the freshness of the OCSP response. This improper input validation vulnerability...
USN-8433-1: OpenStack Keystone vulnerabilities
It was discovered that OpenStack Keystone allowed restricted application credentials to create EC2 credentials. An authenticated attacker with only a reader role could possibly use this issue to bypass the role restrictions imposed on the application credential. CVE-2026-33551 It was discovered...
redis: use-after-free in unblock client flow may allow remote code execution
A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
redis: Remote code execution via use-after-free in Lua scripting
A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...
erb: ERB: Arbitrary code execution via deserialization bypass
A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...
HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
A flaw was found in HP Linux Imaging and Printing Software HPLIP. This vulnerability, caused by an integer overflow in the hpcups processing path, occurs when the software handles specially crafted print data. A successful exploit could lead to arbitrary code execution or escalation of privileges...