4570 matches found
CVE-2024-57795 affecting package kernel for versions less than 6.6.121.1-1
CVE-2024-57795 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-68211 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-68211 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-71069 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-71069 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-68806 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-68806 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2026-0915 affecting package glibc for versions less than 2.38-18
CVE-2026-0915 affecting package glibc for versions less than 2.38-18. A patched version of the package is available...
CVE-2025-68803 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-68803 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-71147 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-71147 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-68794 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-68794 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-71182 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-71182 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-68371 affecting package kernel for versions less than 6.6.121.1-1
CVE-2025-68371 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...
CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14
CVE-2025-69421 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...
CVE-2026-22796 affecting package edk2 for versions less than 20240524git3e722403cd16-14
CVE-2026-22796 affecting package edk2 for versions less than 20240524git3e722403cd16-14. A patched version of the package is available...
Security Advisory EPM February 2026 for EPM 2024
Update 18 Feb: Added FAQ on patching Agents. Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses one high severity vulnerability and one medium severity vulnerability. Successful exploitation could allow a remote authenticated attacker to leak arbitrary data or...
CVE-2026-2245
A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...
CVE-2026-2241
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function osstrftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...
CVE-2026-2241 janet-lang janet os.c os_strftime out-of-bounds
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function osstrftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...
MCP Run Python has a Sandbox Escape & Server Takeover Vulnerability
Impact Critical Sandbox Escape & Server Takeover: A critical security vulnerability exists in mcp-run-python due to a lack of isolation between the Python runtime Pyodide and the host JavaScript environment. The runPython and runPythonAsync functions execute Python code using Pyodide without...
GHSA-PFV4-WMPH-5GC6 MCP Run Python has a Sandbox Escape & Server Takeover Vulnerability
Impact Critical Sandbox Escape & Server Takeover: A critical security vulnerability exists in mcp-run-python due to a lack of isolation between the Python runtime Pyodide and the host JavaScript environment. The runPython and runPythonAsync functions execute Python code using Pyodide without...
GHSA-6FGP-M6Q4-J3Q5 MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access
Impact Server-Side Request Forgery SSRF: A security vulnerability exists in the mcp-run-python tool specifically within the Pydantic-AI integration due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...
jsonpath has Arbitrary Code Injection via Unsafe Evaluation of JSON Path Expressions
Impact Arbitrary Code Injection Remote Code Execution & XSS: A critical security vulnerability affects all versions of the jsonpath package. The library relies on the static-eval module to evaluate JSON Path expressions but fails to properly sanitize or sandbox the input. This allows an attacker ...