EUVD-2026-34061
Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decode_json advances the input scalar's string pointer past the mark with SvPV_set and restores it only on the normal return...
Linux Distros Unpatched Vulnerability : CVE-2026-45878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Fix watchid bounds checking in debug address watch v2 The address watch clear code receives watchid as an unsigned value u32, but some helper...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the netfilter nftinner module, which incorrectly calculates the transmission header...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ipv6 module’s failure to check iter-nh when using RTANHID in the fib6addrt2node function. As ...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the clk qcom gfx3d module. When determining the GFX3D clock rate, the parent mapping does not...
AlmaLinux 10 : mod_http2 (ALSA-2026:22528)
The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:22528 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 Tenable has extracted the preceding description block directly from the AlmaLinux securit...
CVE-2026-26379
CVE-2026-26379 affects Koha v0: Koha v.25.11 and earlier, where the Z39.50 configuration module is the entry point. The issue enables a remote attacker to execute arbitrary code. The available sources do not specify the underlying root cause details or exact vulnerable file/function, nor do they ...
PT-2026-46062
Name of the Vulnerable Software and Affected Versions FOSSBilling versions prior to 0.8.0 Description The Redirect module fails to validate the URL scheme of destination URLs configured by administrators before they are stored or issued. This allows the configuration of arbitrary external URLs as...
Anti-Spam by CleanTalk - Moderately critical - Cross site scripting - SA-CONTRIB-2026-042
This module provides spam protection using the CleanTalk cloud service. The module doesn't sufficiently sanitize API response messages before rendering them in HTML output. The cleantalkdie and ctdie functions output the CleanTalk API response message directly into HTML without proper sanitizatio...
LocalGov Workflows - Moderately critical - Information disclosure - SA-CONTRIB-2026-039
This module configures default editorial workflows for LocalGov Drupal content types. It provides a Drupal content moderation workflow, a content approvals dashboard, content scheduling and content preview. The module doesn't sufficiently restrict access to a view of Service Contacts at which...
Docker Desktop grpcfuse Kernel Module Uncontrolled Recursion Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code within a container on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2026-26379
Koha versions up to 25.11 contain a Server-Side Request Forgery SSRF vulnerability via the Z39.50/SRU server configuration. This allows authenticated attackers to perform internal network scanning and identify running services by analyzing server response times...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AppArmor module’s dfa tables not being aligned by 8 bytes. This vulnerability may lead to...
FOSSBilling input validation error vulnerability
FOSSBilling is an open-source billing and customer management platform for hosting service providers and digital service providers. Versions of FOSSBilling prior to 0.8.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the redirection module not...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and extcon processing in the power supply pm8916lbc module. Th...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gpio cdev module’s behavior during the linehandlecreate function. After retaining andnullptr,...
Linux kernel security vulnerability
The Linux kernel is the core used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ASoC fslxcvr module attempting to acquire the controlsrwsem write lock, which is already...
Linux-privesc-PoC
Linux Privilege Escalation PoC Lab Educational disclaimer...
CVE-2026-8936
Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...