
72 matches found

OSV
added yesterday, 7 views

ROOT-APP-NPM-GHSA-8H8Q-6873-Q5FJ GHSA-8h8q-6873-q5fj in @rootio/next - Patched by Root

Root has patched GHSA-8h8q-6873-q5fj in the @rootio/next package for Root:npm. Multiple fixed versions available...

AI score 5.8
Exploits: 0

Circl
added 2026/06/17 5:31 a.m., 7 views

CVE-2026-46846

| creationtimestamp | type | source |
|---|---|---|
| 2026-06-17 05:31:59+00:00 | seen | https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8 |
| 2026-06-18 17:07:08+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3molcufwyew2i... |

CVSS 10 | AI score 4.9 | EPSS 0.00362
Exploits: 0 | References: 2

EUVD
added 2026/06/01 6:45 p.m., 12 views

EUVD-2026-33747

A vulnerability was detected in Bottelet DaybydayCRM up to 2.2.1. Affected is an unknown function of the component Setting Handler. Performing a manipulation results in missing authentication. Remote exploitation of the attack is possible. It is recommended to apply a patch to fix this issue...

CVSS 6.5 | AI score 6.2 | EPSS 0.00295
Exploits: 0 | References: 8

Positive Technologies
added 2026/05/26 12:00 a.m., 10 views

PT-2026-43187

A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgbmp Utility. Executing a manipulation can lead to out-of-bounds read. The attack requires local access. The exploit has been ma...

CVSS 4.8 | AI score 5.4 | EPSS 0.00143
Exploits: 0 | References: 7

Positive Technologies
added 2026/05/18 12:00 a.m., 9 views

PT-2026-41632

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

CVSS 4.6 | AI score 5.4 | EPSS 0.00157
Exploits: 0 | References: 8

Circl
added 2026/05/07 7:54 a.m., 5 views

CVE-2026-5788

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-07 07:54:45+00:00 | seen | https://ccb.belgium.be/advisories/warning-authenticated-remote-code-execution-vulnerability-ivanti-epmm-exploited-patch |
| 2026-05-07 08:14:00+00:00 | seen | https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-12... |

CVSS 9.8 | AI score 4.9 | EPSS 0.00819
Exploits: 0 | References: 8

Tenable Nessus
added 2026/05/02 12:00 a.m., 2 views

RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:12267)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:12267 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

CVSS 9.9 | AI score 5.8 | EPSS 0.00512
Exploits: 0 | References: 8

OSV
added 2026/04/25 9:30 p.m., 5 views

GHSA-JJ45-XVQ5-RHH9 Kratos has a Confused Deputy issue

A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux Fallback Handler. The manipulation results in unintended intermediary. The attack may be launched remotely. The explo...

CVSS 6.9 | AI score 5.5 | EPSS 0.00315
Exploits: 0 | References: 8

Saint
added 2026/03/23 12:00 a.m., 79 views

Windows Routing and Remote Access Service integer overflow

Added: 03/23/2026. Background: The Windows Routing and Remote Access Service supports remote user or site-to-site connectivity by using VPN or dial-up connections. Problem: An integer overflow vulnerability in the Windows Routing and Remote Access Service allows command execution when a domain-joined...

CVSS 8 | AI score 6.1 | EPSS 0.00836
Exploits: 3

Tenable Nessus
added 2026/02/20 12:00 a.m., 15 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.0.6)

The version of AOS installed on the remote host is prior to 7.5.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.0.6 advisory. - A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library...

CVSS 9.8 | AI score 6.2 | EPSS 0.4269
Exploits: 31 | References: 28

RedhatCVE
added 2026/02/11 7:30 a.m., 5 views

CVE-2026-2259

A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local...

CVSS 5.5 | AI score 4.8 | EPSS 0.00215
Exploits: 1 | References: 1

Vulnrichment
added 2026/02/10 12:02 a.m., 3 views

CVE-2026-2258 aardappel lobster wfc.h WaveFunctionCollapse memory corruption

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVSS 4.8 | AI score 4.9 | EPSS 0.00185
Exploits: 1 | References: 8

EUVD
added 2025/12/19 5:02 p.m., 4 views

EUVD-2025-204582

A vulnerability was identified in WebAssembly Binaryen up to 125. This affects the function IRBuilder::makeLocalGet/IRBuilder::makeLocalSet/IRBuilder::makeLocalTee of the file src/wasm/wasm-ir-builder.cpp of the component IRBuilder. Such manipulation of the argument Index leads to null pointer...

CVSS 4.8 | AI score 4.2 | EPSS 0.00179
Exploits: 1 | References: 9

Cvelist
added 2025/12/19 1:02 a.m., 27 views

CVE-2025-14909 JeecgBoot SysUserOnlineController.java SysUserOnlineController user session

A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to mana...

CVSS 5.3 | EPSS 0.00426
Exploits: 1 | References: 6

Vulnrichment
added 2025/12/19 12:32 a.m., 2 views

CVE-2025-14908 JeecgBoot Multi-Tenant Management SysTenantController.java improper authentication

A security flaw has been discovered in JeecgBoot up to 3.9.0. The affected element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java of the component Multi-Tenant Management Module...

CVSS 6.5 | AI score 6.4 | EPSS 0.00303
Exploits: 1 | References: 5

EUVD
added 2025/10/03 8:07 p.m., 8 views

EUVD-2025-24131

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 5.4 | EPSS 0.00205
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:07 p.m., 14 views

EUVD-2025-27148

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.00256
Exploits: 1 | References: 6

Tenable Nessus
added 2025/10/03 12:00 a.m., 2 views

Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-7801-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7801-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVSS 8.1 | AI score 7.1 | EPSS 0.00328
Exploits: 0 | References: 108

Tenable Product Security Advisories
added 2025/09/24 2:34 p.m., 5 views

[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.1

Jason Schavel, Wed, 09/24/2025 - 10:34. Security Center leverages third-party software to help provide underlying functionality. One of the third-party components PostgreSQL was found to contai...

AI score 7.1
Exploits: 0

Cvelist
added 2025/09/08 3:32 p.m., 32 views

CVE-2025-10096 SimStudioAI sim route.ts server-side request forgery

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

CVSS 6.5 | EPSS 0.00256
Exploits: 1 | References: 6