Lucene search
K

6512 matches found

Ubuntu
Ubuntu
added 2026/06/10 12:22 p.m.11 views

USN-6455-2: Exim regression

USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered tha...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/09 1:48 p.m.12 views

USN-8398-2 nginx regression

USN-8398-1 fixed a vulnerability in nginx. The update introduced a regression causing nginx to crash when being used with external modules. This update reverts the fix for CVE-2026-49975 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

7.5CVSS5.6AI score0.11471EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2026/06/09 1:48 p.m.42 views

USN-8398-2: nginx regression

USN-8398-1 fixed a vulnerability in nginx. The update introduced a regression causing nginx to crash when being used with external modules. This update reverts the fix for CVE-2026-49975 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...

5.6AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/08 6:19 a.m.69 views

janus-security-platform

Agentic Security Platform Payments-domain SAST + autonomous P...

6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.22 views

EulerOS Virtualization 2.13.1 : libpng (EulerOS-SA-2026-2135)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

8.3CVSS5.8AI score0.00955EPSS
Exploits9References7
NVD
NVD
added 2026/06/04 5:16 p.m.20 views

CVE-2026-50266

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...

2.2CVSS0.00262EPSS
Exploits0References6
CVE
CVE
added 2026/06/04 4:18 p.m.26 views

CVE-2026-50266

OpenStack Neutron before 28.0.1 is affected. A port on a shared network owned by another project can be created or updated by a project manager with device_owner starting with a network: prefix (e.g., network:dhcp). The default RBAC policies did not require network ownership, allowing access to t...

2.2CVSS5.8AI score0.00262EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46270

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device owner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECT MANAGER witho...

2.2CVSS5.8AI score0.00262EPSS
Exploits0References9
OSV
OSV
added 2026/06/03 9:16 a.m.35 views

USN-8344-3 python-pip vulnerability

USN-8344-1 introduced a regression in pip. This update provides a complete fix for this issue.. We apologize for the inconvenience. Original advisory details: It was discovered that pip's bundled urllib3 library improperly handled streaming decompression of highly compressed data. A remote attack...

8.9CVSS6.8AI score0.00633EPSS
Exploits0References2
Hacker One
Hacker One
added 2026/06/01 8:53 a.m.18 views

curl: heap-use-after-free in state.referer when CURLOPT_REFERER replaced or cleared after perform

Calling curleasysetoptcurl, CURLOPTREFERER, ... to replace or clear a previously-set referer after curleasyperform frees the old string via Curlsetstropt lib/setopt.c:87 but leaves data-state.referer.ptr pointing at the freed heap region. curleasygetinfoCURLINFOREFERER and curleasyduphandle then...

5.6AI score
Exploits0
OSV
OSV
added 2026/05/29 10:14 p.m.6 views

GHSA-XH5J-XJFQ-QVVX stigmem-node's federation peer token timestamp validation may reject valid peer tokens

Impact A mismatch in federation peer-token timestamp handling could cause valid peer tokens to be treated as expired. Impacted deployments are Stigmem nodes using federation peer authentication paths from affected versions. The primary impact is availability and reliability of authenticated...

7.1CVSS5.8AI score
Exploits0References5
Ubuntu
Ubuntu
added 2026/05/29 7:53 p.m.33 views

USN-8344-2: pip regression

USN-8344-1 fixed vulnerabilities in pip. On Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS the patches for CVE-2025-66471 caused a regression when using pip. The patches for CVE-2025-66471 have been temporarily reverted pending investigation. We apologize for the inconvenience. Original...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/29 7:53 p.m.17 views

USN-8344-2 python-pip regression

USN-8344-1 fixed vulnerabilities in pip. On Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS the patches for CVE-2025-66471 caused a regression when using pip. The patches for CVE-2025-66471 have been temporarily reverted pending investigation. We apologize for the inconvenience. Original...

8.9CVSS6.8AI score0.00633EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 10:47 a.m.13 views

USN-8338-2 apache2 regression

USN-8338-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression that prevented modhttp2 from loading on Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Apache HTTP Server incorrectly...

5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Fedora 44 : libpng (2026-67c1138ed2)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-67c1138ed2 advisory. updated to 1.6.58 1.6.58 is released with a fix for a simple correctness bug not a security issue this time: pnggetPLTE returns stale palette data...

7.5CVSS5.9AI score0.01052EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracepoint: balance regfunc on funcadd failure in tracepointaddfunc When a tracepoint goes through the 0 - 1 transition, tracepointaddfunc invokes the subsystem...

5.5CVSS6AI score0.00128EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 3:47 p.m.11 views

EUVD-2026-32931

In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the SERVICEACCOUNTTOKEN placeholder Canal/Flannel-Calico deployments, the installer substitutes the live Kubernetes ServiceAccount bearer token before logging,...

6CVSS5.8AI score0.00504EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.15 views

SUSE CVE-2026-45966

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

5.7AI score0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:18 p.m.24 views

CVE-2026-45966

CVE-2026-45966 concerns a Linux kernel/AppArmor regression. When receiving file descriptors via SCM_RIGHTS, both sock and sock->sk can be NULL, leading to NULL pointer dereferences in __unix_needs_revalidation() and a crash. The issue stems from added NULL checks in a new function without ensu...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/27 11:18 a.m.7 views

CLSA-2026-1779880647 Fix of 6 CVEs

SECURITY UPDATE: postgresql May-2026 CVE batch - debian/patches/CVE-2026-6473.patch: integer overflow fixes across multiple vulnerable sites: hstoreplperl/hstoreplpython palloc sizing mulsize, arrayagg nitems overflow, intarray/ltxtquery findoprnd left-offset overflow, ltree lquery numvar/totalle...

8.8CVSS6AI score0.00668EPSS
Exploits0References1
Rows per page
Query Builder