515 matches found
ROOT-OS-DEBIAN-13-CVE-2025-68322 CVE-2025-68322 in rootio-linux - Patched by Root
Root has patched CVE-2025-68322 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-43072 CVE-2026-43072 in rootio-linux - Patched by Root
Root has patched CVE-2026-43072 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2023-52590 CVE-2023-52590 in rootio-linux - Patched by Root
Root has patched CVE-2023-52590 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-44958 CVE-2024-44958 in rootio-linux - Patched by Root
Root has patched CVE-2024-44958 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2022-49531 CVE-2022-49531 in rootio-linux - Patched by Root
Root has patched CVE-2022-49531 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-38022 CVE-2025-38022 in rootio-linux - Patched by Root
Root has patched CVE-2025-38022 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-69227 CVE-2025-69227 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69227 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
@angular/core: Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)
An issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component creation. Specifically, the dynamic component instantiation mechanism createComponent failed to reject mounting components directly onto a or namespaced script element such as . This...
ROOT-OS-UBUNTU-2204-CVE-2024-49937 CVE-2024-49937 in rootio-linux - Patched by Root
Root has patched CVE-2024-49937 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21875 CVE-2025-21875 in rootio-linux - Patched by Root
Root has patched CVE-2025-21875 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43169 CVE-2026-43169 in rootio-linux - Patched by Root
Root has patched CVE-2026-43169 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23468 CVE-2026-23468 in rootio-linux - Patched by Root
Root has patched CVE-2026-23468 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39894 CVE-2025-39894 in rootio-linux - Patched by Root
Root has patched CVE-2025-39894 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40283 CVE-2025-40283 in rootio-linux - Patched by Root
Root has patched CVE-2025-40283 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
PT-2026-49556
Impact Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...
Linux Distros Unpatched Vulnerability : CVE-2026-41568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version...
CVE-2026-47263
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...
CVE-2026-47264 Discourse: Don't leak restricted tag group names via tag info
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, DetailedTagSerializertaggroupnames returned every tag group a tag belonged to without filtering against the requesting...
CVE-2026-47263 Discourse: Prevent webhook payload disclosure on event redelivery
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...
EUVD-2026-36558
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, four authorization/disclosure issues in the chat plugin one also involving discourse-calendar: read-only category users...