CVE-2026-21016

Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

CVE-2026-8272

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...

CVE-2025-9615

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

EUVD-2025-206343

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

Flatnux 代码问题漏洞

Flatnux is a content management system from Flatnux open source. A code issue vulnerability exists in Flatnux version 2021-03.25, which stems from the file manager allowing the upload of arbitrary PHP files, which could lead to remote code execution...

Security update for chromium (important)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20161-1 Rating: important References: bsc1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Leap 16.0...

Google Chrome < 143.0.7499.109 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 143.0.7499.109. It is, therefore, affected by multiple vulnerabilities as referenced in the 202512stable-channel-update-for-desktop10 advisory. - Use after free in Password Manager in Google Chrome prior to 143.0.7499.110...

EUVD-2019-7244

Malware in sbrugna...

EUVD-2012-1747

Malware in sbrugna...

EUVD-2024-3471

Malicious code in bioql PyPI...

Chaos Controller Manager is vulnerable to OS command injection

The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS command injection. In conjunction with CVE-2025-59358, this allows unauthenticated in-cluster attackers to perform remote code execution across the cluster...

CBL Mariner 2.0 Security Update: azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns (CVE-2025-22868)

The version of azcopy / blobfuse2 / cert-manager / containerized-data-importer / coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22868 advisory. - An attacker can pass a malicious malforme...

SUSE CVE-2024-12401

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

GHSA-GHW8-3XQW-HHCJ Duplicate Advisory: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r4pg-vg54-wxx4. This link is maintained to preserve external references. Original Description A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the...

CVE-2024-12401

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

CVE-2024-12401

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

CVE-2024-12401 Cert-manager: potential dos when parsing specially crafted pem inputs

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

CVE-2024-12401

CVE-2024-12401 is a DoS in the cert-manager package where an attacker able to modify PEM data read by cert-manager (e.g., in a Secret) can trigger high CPU usage in the cert-manager controller pod. Public details in connected IBM notes and vendor advisories confirm the issue, with a CVSS base sco...

CVE-2024-12401

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...

PT-2024-8087 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a component of the Microsoft Windows operating system, specifically the Windows Package Library Manager, which has a flaw in its data protection mechanism...