CVE-2026-20065
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the binder...
CVE-2026-20065 Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the binder...
CVE-2026-20065
Technical details (affected products, components, root cause, impact, remediation) are not publicly provided in the supplied documents. Monitor for updates from Cisco and authoritative advisories to obtain concrete technical information.
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-26514
An Argument Injection vulnerability exists in bird-lg-go before commit 6187a4e. The traceroute module uses shlex.Split to parse user input without validation, allowing remote attackers to inject arbitrary flags (e.g., -w, -q) via the q parameter. This can be exploited to cause a Denial of Service D...
SUSE-SU-2026:0802-1 Security update for python
This update for python fixes the following issues: - CVE-2024-7592: excess CPU resource consumption in http.cookies module bsc1229596...
bws-web-server (>=0.1.0 <=0.1.1), pingora (>=0.1.0 <=0.6.0) +6 more potentially affected by CVE-2026-2833 via pingora-core (>=0.1.1 <=0.6.0)
pingora-core CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.7 - revoke-gateway =0.3.0 - static-files-module =0.1.0 Source cves: CVE-2026-2833 Source advisory: OSV:RUSTSEC-2026-0033...
bws-web-server (>=0.1.0 <=0.1.1), pingora (>=0.1.0 <=0.6.0) +3 more potentially affected by CVE-2026-2836 via pingora-cache (>=0.1.1 <=0.6.0)
pingora-cache CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.6.0 - revoke-gateway =0.3.0 - static-files-module =0.1.0 Source cves: CVE-2026-2836 Source advisory: OSV:RUSTSEC-2026-0035...
CVE-2026-1874
Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...
MINI-RF74-92CH-3HXH
Bulletin has no description...
CVE-2025-52469
Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal fl...
[SECURITY] Fedora 43 Update: perl-Crypt-URandom-0.55-1.fc43
This Module is intended to provide an interface to the strongest available source of non-blocking randomness on the current platform...
[SECURITY] Fedora 43 Update: keylime-7.14.1-1.fc43
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...
SUSE CVE-2026-23644
esm.sh is a no-build content delivery network (CDN) for web development. Prior to Go pseudoversion 0.0.0-20260116051925-c62ab83c589e, the software has a path traversal vulnerability due to an incomplete fix. path.Clean normalizes a path but does not prevent absolute paths in a malicious tar file...
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the notifier functionality. An attacker can enumerate internal services by supplying arbitrary URLs, causing the application to send HTTP POST requests and observing UI behavior differences based on...
SUSE CVE-2026-26055
Yoke is a Helm-inspired infrastructure-as-code (IaC) package deployer. In 0.19.0 and earlier, a vulnerability exists in the Air Traffic Controller (ATC) component of Yoke. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster network to directly send...
ROS-20260304-73-0022
A vulnerability in the key_extract_l3l4 function of the net/openvswitch/flow.c module of the openvswitch component of the Linux operating system kernel is related to unchecked array indexing. Exploitation of the vulnerability could allow an attacker to cause a denial of service by sending speciall...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Security Vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...