484 matches found
ROOT-APP-PYPI-CVE-2025-69227 CVE-2025-69227 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69227 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-42215 CVE-2026-42215 in rootio-GitPython - Patched by Root
Root has patched CVE-2026-42215 in the rootio-GitPython package for Root:PyPI. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21875 CVE-2025-21875 in rootio-linux - Patched by Root
Root has patched CVE-2025-21875 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43169 CVE-2026-43169 in rootio-linux - Patched by Root
Root has patched CVE-2026-43169 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40283 CVE-2025-40283 in rootio-linux - Patched by Root
Root has patched CVE-2025-40283 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39894 CVE-2025-39894 in rootio-linux - Patched by Root
Root has patched CVE-2025-39894 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23468 CVE-2026-23468 in rootio-linux - Patched by Root
Root has patched CVE-2026-23468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
EUVD-2026-34028
authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured sources can log into any account. This issue has been patched in versions 2025.12.6, 2026.2.4, an...
ROOT-OS-DEBIAN-13-CVE-2025-68322 CVE-2025-68322 in rootio-linux - Patched by Root
Root has patched CVE-2025-68322 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
CVE-2026-45159 Nextcloud: Files drop share links for end-to-end encrypted folders allowed to drop files into other folders of the share owner
Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with access to an end-to-end encrypted files drop link was able to also drop files into other end-to-e...
CVE-2026-45264 Nextcloud: ACL Rename Permission Bypass in Team Folders Allows Unauthorized File Renames
Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but no UPDATE permission for a team folder can...
ROOT-OS-DEBIAN-11-CVE-2025-38022 CVE-2025-38022 in rootio-linux - Patched by Root
Root has patched CVE-2025-38022 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2022-49531 CVE-2022-49531 in rootio-linux - Patched by Root
Root has patched CVE-2022-49531 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-43072 CVE-2026-43072 in rootio-linux - Patched by Root
Root has patched CVE-2026-43072 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-44958 CVE-2024-44958 in rootio-linux - Patched by Root
Root has patched CVE-2024-44958 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2023-52590 CVE-2023-52590 in rootio-linux - Patched by Root
Root has patched CVE-2023-52590 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-1965 CVE-2026-1965 in rootio-curl - Patched by Root
Root has patched CVE-2026-1965 in the rootio-curl package for Root:Debian:12. Multiple fixed versions available...
XWiki Platform's Livetable results still allow reconstructing password hashes using 768 requests
Impact XWiki discovered that the patch for GHSA-5cf8-vrr8-8hjm was insufficient and with slightly modified parameters to the LiveTableResults, it is still possible to discover password hashes one bit at a time, so with 768 requests, the full password salt and hash can be retrieved of a user...
ROOT-OS-UBUNTU-2204-CVE-2024-49937 CVE-2024-49937 in rootio-linux - Patched by Root
Root has patched CVE-2024-49937 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
CVE-2026-33137
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform is a generic wiki platform. In versions starting with 15.10.6 and prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17, the POST /wikis/wikiName API executes a XAR import without...