48346 matches found
EUVD-2026-41414
Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...
EUVD-2026-41412
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...
CVE-2026-55952
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...
CVE-2026-53422
Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...
USN-8498-1 linux-nvidia-tegra vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
CVE-2023-32198 vulnerabilities
Vulnerabilities for packages: rancher-agent, harvester, harvester-fips, rancher...
CVE-2024-52281 vulnerabilities
Vulnerabilities for packages: harvester, harvester-fips...
GHSA-64JQ-M7RQ-768H vulnerabilities
Vulnerabilities for packages: harvester, harvester-fips...
GHSA-7RP8-R62P-Q6WC vulnerabilities
Vulnerabilities for packages: wolfictl, dl, cg, apply-cve-bump...
GHSA-VH4V-2XQ2-G5CG vulnerabilities
Vulnerabilities for packages: kargo, chartmuseum, kubescape-operator, rancher-fleet, teleport, helm-mapkubeapis, conftest, kots, helm-push, xeol, gitness, trivy-operator, rancher-agent, tigera-operator, gogatekeeper, consul-k8s, helm-operator, oras, zarf, argo-cd, gatekeeper, argocd-image-updater...
GHSA-8XWF-RJM4-XVHV vulnerabilities
Vulnerabilities for packages: kargo, chartmuseum, kubescape-operator, rancher-fleet, teleport, helm-mapkubeapis, conftest, kots, helm-push, xeol, gitness, trivy-operator, rancher-agent, tigera-operator, gogatekeeper, consul-k8s, helm-operator, oras, zarf, argo-cd, gatekeeper, argocd-image-updater...
CVE-2026-48978 vulnerabilities
Vulnerabilities for packages: kargo, chartmuseum, kubescape-operator, rancher-fleet, teleport, helm-mapkubeapis, conftest, kots, helm-push, xeol, gitness, trivy-operator, rancher-agent, tigera-operator, gogatekeeper, consul-k8s, helm-operator, oras, zarf, argo-cd, gatekeeper, argocd-image-updater...
PYSEC-2026-645 instack-undercloud vulnerable to symlink attack on tmp files
A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...
PYSEC-2026-741 XML Entity Expansion in trytond and proteus
An XML Entity Expansion XEE issue was discovered in Tryton Application Platform Server 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform Command Line Client proteus 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. A...
RHSA-2026:34160 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
Bulletin has no description...
CVE-2026-8482
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
RHSA-2026:28886 Red Hat Security Advisory: OpenShift Container Platform 4.14.68 packages and security update
Bulletin has no description...
EUVD-2026-41271
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
[SECURITY] Fedora 44 Update: caddy-2.10.2-9.fc44
Caddy is an extensible server platform that uses TLS by default...