Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. Versions of Cloud Foundry BOSH Director prior to v282.1.12 contained security vulnerabilities. These vulnerabilities stemmed from AgentClient not performin...

CVE-2026-6342 Group prefix matching bypass for subscriptions

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via creating groups that share the same prefix as a whitelisted group. Mattermost Advisory ID:...

Mattermost Plugins 安全漏洞

Mattermost Plugins is a plugin provided by the American company Mattermost, offering powerful feature extensions and tight integration with servers and network/desktop applications. Versions 11.5, 11.1.5, 10.13.11, and 11.3.4.0 of Mattermost Plugins have security vulnerabilities. These...

EUVD-2026-5854

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

CVE-2026-23189 ceph: fix NULL pointer dereference in ceph_mds_auth_match()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

PT-2026-8197

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.18-rc1 and later Description The CephFS kernel client contains a flaw in the ceph mds auth match function where a NULL pointer dereference can occur if fs name is NULL. This issue arises during authorization checks with...

CLSA-2025-1758022908 ruby: Fix of 2 CVEs

CVE-2024-39908: fix performance issue caused by using repeated characters to avoid DoS vulnerabilities when it parses an XML - CVE-2024-43398: improve namespace conflicted attribute check to avoid DoS vulnerability when it parses an XML...

Information Disclosure

github.com/cilium/cilium is vulnerable to Information Disclosure. The vulnerability exists due to the lack of namespace checks for TLS secret references in the Gateway API, which allows an attacker to gain access to secrets including certificates and services across namespaces and configure Ciliu...

PT-2013-4945 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.11 Description: The issue allows local users to gain privileges via PID spoofing due to an incorrect namespace capability check in the scm check creds function. Recommendations: For versions prior to 3.11,...

security flaw

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...