10308 matches found
CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory
Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...
CVE-2026-15921
The CVE-2026-15921 issue affects Node Version Manager (nvm) up to v0.40.5, where nvm ls-remote and similar commands parse the mirror index.tab and use each LTS codename as an alias filename without validation. A malicious mirror can return path-traversal codenames (e.g., ../../../.bashrc), causin...
Debian dla-4677 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4677 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4677-1 [email protected]...
CVE-2026-54149 MaxKB MCP tool import validation bypass allows post-authentication remote code execution
MaxKB is an open-source AI assistant for enterprise. Prior to 2.10.0-lts, MaxKB tool import functionality in apps/tools/serializers/tool.py and MCP referencing mode in apps/application/chatpipeline/step/chatstep/impl/basechatstep.py do not consistently validate MCP transport type, allowing an...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Go Cryptography vulnerabilities (USN-8519-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8519-1 advisory. Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. A...
USN-8523-1: libsoup vulnerabilities
Eric Su and Samuel Dainard discovered that libsoup incorrectly handled content with zero-length resources. An attacker could possibly use this issue to trigger a buffer over-read, resulting in information disclosure or a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04...
Ubuntu 26.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8507-1)
"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8507-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...
[SECURITY] [DLA 4669-1] php8.2 security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-4669-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta July 04, 2026 https://wiki.debian.org/LTS - -----------------------------------------------------------------------...
EUVD-2026-41551
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command 'OS...
EUVD-2026-41538
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of uninitialized resource vulnerability. A low privileged attacker wi...
PT-2026-55546
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...
PT-2026-55533
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...
PT-2026-55536
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...
Debian dla-4665 : affs-modules-6.1.0-48-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4665 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4665-1 [email protected]...
[SECURITY] [DLA 4662-1] jq security update
Debian LTS Advisory DLA-4662-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson July 01, 2026 https://wiki.debian.org/LTS Package : jq Version : 1.6-2.1+deb12u2 CVE ID : CVE-2026-32316 CVE-2026-33947 CVE-2026-33948 CVE-2026-39956 CVE-2026-39979 CVE-2026-40164...
Debian dla-4660 : libnginx-mod-http-auth-pam - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4660 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4660-1 [email protected]...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : SQLite vulnerabilities (USN-8480-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8480-1 advisory. It was discovered that SQLite incorrectly handled certain memory operations in the FTS5 full-text search extension. An...
USN-8479-1: libheif vulnerabilities
It was discovered that libheif incorrectly handled certain crafted HEIF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-47178 It was discovered that libheif incorrectly validated offsets when decoding certain crafted HEIF files. An...
[SECURITY] [DLA 4655-1] libhtml-parser-perl security update
Debian LTS Advisory DLA-4655-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 28, 2026 https://wiki.debian.org/LTS Package : libhtml-parser-perl Version : 3.75-1+deb11u1 CVE ID : CVE-2026-8829 Paul Johnson discovered that libhtml-parser-perl, a collection of...
[SECURITY] [DLA 4654-1] chromium security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4654-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort June 27, 2026 https://wiki.debian.org/LTS -...