SUSE CVE-2026-23632

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, the endpoint "PUT /repos/:owner/:repo/contents/" does not require write permissions and allows access with read permission only via repoAssignment. After passing the permission check, PutContents invokes UpdateRepoFile,...

CVE-2025-2572 WhatsUp Gold NmConfigurationManager.exe database manipulation vulnerability

In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the contents of WhatsUp.dbo.WrlsMacAddressGroup...

CVE-2024-9407

CVE-2024-9407 is a local-privilege vulnerability in the bind-propagation option of Dockerfile RUN --mount as implemented by buildah/podman. The root cause is improper input validation, allowing an attacker to pass arbitrary parameters to the mount operation and potentially mount host directories ...

CVE-2007-6522

The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains...