4 matches found
SUSE CVE-2026-28280
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...
continuwuity security vulnerability
continuwuity is an open-source home server. A security vulnerability exists in continuwuity versions prior to 0.5.0 that stems from not verifying the origin of a signature request, which could result in the server cryptographically signing an arbitrary membership event...
PT-2023-33043 · Amazon · AWS Encryption SDK +2
Name of the Vulnerable Software and Affected Versions: Strongbox versions prior to 0.5.0 Description: The issue allows an attacker with read-only access to a Strongbox secret to craft a valid encrypted secret, which also affects the usefulness of audit logs from KMS. This is caused by a bug in th...
memoffset crate for Rust information disclosure vulnerability
memoffset crate for Rust is a Rust-based package for calculating offsets of struct members and their spans. An information disclosure vulnerability exists in versions of memoffset crate for Rust prior to 0.5.0, which can be exploited by an unauthorized attacker to obtain sensitive informatio...