944 matches found
CVE-2026-41485 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws, kyverno, kyverno-fips...
[SECURITY] Fedora 44 Update: rpki-client-9.8-1.fc44
The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...
GHSA-PJCQ-XVWQ-HHPJ vulnerabilities
Vulnerabilities for packages: yunikorn-k8shim, dex, rancher, spqr, kyverno-notation-aws, terraform, cert-manager-cmctl, external-secrets-operator, minio, cert-manager, frp, rclone, ratify, cert-manager-csi-driver, xeol, opentofu, k6, flux-source-controller, seaweedfs, grafana, openbao, kyverno,...
CVE-2026-32952 vulnerabilities
Vulnerabilities for packages: yunikorn-k8shim, dex, rancher, spqr, kyverno-notation-aws, terraform, cert-manager-cmctl, external-secrets-operator, minio, cert-manager, frp, rclone, ratify, cert-manager-csi-driver, xeol, opentofu, k6, flux-source-controller, seaweedfs, grafana, openbao, kyverno,...
CVE-2026-40868 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
GHSA-FMQP-4WFC-W3V7 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
GHSA-F9G8-6PPC-PQQ4 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, kyverno...
GHSA-Q93Q-V844-JRQP vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
GHSA-8WFP-579W-6R25 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
GHSA-Q93Q-V844-JRQP vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws...
CVE-2026-40868 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws...
GHSA-F9G8-6PPC-PQQ4 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws, kyverno, kyverno-fips...
GHSA-8WFP-579W-6R25 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014272)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014272 advisory. jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 f...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the require process. An attacker can access sensitive local .js and .json files by supplying malicious JavaScript templates that exploit the module loader to bypass file access restrictions. This is only...
OPENSUSE-SU-2026:20612-1 Security update for tomcat10
This update for tomcat10 fixes the following issues: - Update to Tomcat 10.1.54 - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OC...
CVE-2026-40926 WWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script)
WWBN AVideo is an open source video platform. In versions 29.0 and prior, three admin-only JSON endpoints — objects/categoryAddNew.json.php, objects/categoryDelete.json.php, and objects/pluginRunUpdateScript.json.php — enforce only a role check Category::canCreateCategory / User::isAdmin and...
USN-8189-1 rapidjson vulnerability
It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when parsing JSON text. A remote attacker could possibly use this issue to craft a malicious JSON file, that when read by RapidJSON, would lead to an elevation of privilege, resulting in the...
GHSA-W9R4-94FJ-XP69 Apache Airflow Exposes Secrets in Variables Saved as JSON Dictionaries
Secrets in Variables saved as JSON dictionaries were not properly redacted - in case the variables were retrieved by the user the secrets stored as nested fields were not masked. If developers do not store variables with sensitive values in JSON form, their projects are not affected. Otherwise...
PYSEC-2026-19
Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked.If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to...