517 matches found
ROOT-APP-PYPI-CVE-2025-69227 CVE-2025-69227 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69227 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39894 CVE-2025-39894 in rootio-linux - Patched by Root
Root has patched CVE-2025-39894 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43169 CVE-2026-43169 in rootio-linux - Patched by Root
Root has patched CVE-2026-43169 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21875 CVE-2025-21875 in rootio-linux - Patched by Root
Root has patched CVE-2025-21875 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40283 CVE-2025-40283 in rootio-linux - Patched by Root
Root has patched CVE-2025-40283 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23468 CVE-2026-23468 in rootio-linux - Patched by Root
Root has patched CVE-2026-23468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2204-CVE-2024-49937 CVE-2024-49937 in rootio-linux - Patched by Root
Root has patched CVE-2024-49937 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68322 CVE-2025-68322 in rootio-linux - Patched by Root
Root has patched CVE-2025-68322 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
GHSA-XHF5-7WJV-PQXP containerd CRI — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull
Impact A bug was found in containerd where the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via a plugin that consumes container labels for some operations. Patch...
Astra Linux – Vulnerability in Composer
Composer is a dependency manager for PHP. The URLs for Mercurial repositories in the composer.json file at the root level, as well as the source download URLs, are not sanified correctly. Specifically crafted URL values allow code to be executed via the HgDriver if hg/Mercurial is installed on th...
ROOT-OS-DEBIAN-11-CVE-2026-43072 CVE-2026-43072 in rootio-linux - Patched by Root
Root has patched CVE-2026-43072 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2022-49531 CVE-2022-49531 in rootio-linux - Patched by Root
Root has patched CVE-2022-49531 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-44958 CVE-2024-44958 in rootio-linux - Patched by Root
Root has patched CVE-2024-44958 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2023-52590 CVE-2023-52590 in rootio-linux - Patched by Root
Root has patched CVE-2023-52590 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-38022 CVE-2025-38022 in rootio-linux - Patched by Root
Root has patched CVE-2025-38022 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
BIT-MARIADB-2026-44172 MariaDB: mysql_real_escape_string() incorrectly handled big5
MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...
@angular/core: Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)
An issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component creation. Specifically, the dynamic component instantiation mechanism createComponent failed to reject mounting components directly onto a or namespaced script element such as . This...
PT-2026-49556
Name of the Vulnerable Software and Affected Versions @babel/core versions prior to 7.29.6 @babel/core versions prior to 8.0.0-rc.6 Description Compiling maliciously crafted code using @babel/core can allow an attacker to read any source map from the system. This occurs when the attacker controls...
Linux Distros Unpatched Vulnerability : CVE-2026-41568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version...
CVE-2026-47263
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...