Lucene search
K

34918 matches found

RedHat Linux
RedHat Linux
added 1 hour ago4 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.01557EPSS
Exploits2References9
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-42492

A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /editfooditems.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.8AI score
Exploits0References7
RedHat Linux
RedHat Linux
added yesterday3 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.9.5 security update

The multicluster engine for Kubernetes 2.9 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.9 images The multicluster engine for Kubernetes provides the foundational components that are...

9.6CVSS6.8AI score0.01041EPSS
Exploits6References11
RedHat Linux
RedHat Linux
added yesterday4 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.14.3 security update

Red Hat Advanced Cluster Management for Kubernetes 2.14 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.14 images Red Hat Advanced Cluster Management for Kubernetes provides...

10CVSS7AI score0.02591EPSS
Exploits27References42
RedHat Linux
RedHat Linux
added yesterday4 views

Important: Red Hat Security Advisory: Submariner v0.20 security fixes and container updates

Submariner v0.20 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS7.1AI score0.01945EPSS
Exploits4References12
CVE
CVE
added yesterday12 views

CVE-2025-12506

GitLab CE/EE had a vulnerability (CVE-2025-12506) across all affected branches: 16.5–before 18.11.7, 19.0–before 19.0.4, and 19.1–before 19.1.2, where under certain conditions an authenticated user could create a repository in which the content shown in the web interface differed from the content...

3.5CVSS6AI score
Exploits0References3
Cvelist
Cvelist
added yesterday9 views

CVE-2026-59871 node-tar: Process crash via PAX numeric path type confusion

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, node-tar coerces all-digit PAX path and linkpath values in src/pax.ts to JavaScript numbers, causing downstream path handling such as normalizeWindowsPathentry.path.split'/' to throw an uncaught TypeError. This issue is...

5.3CVSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-42279

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS5.9AI score
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday8 views

Important: Red Hat Security Advisory: RHACS 4.10.5 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

9.4CVSS6.8AI score0.00813EPSS
Exploits0References17
CVE
CVE
added yesterday9 views

CVE-2026-57248

The CVE-2026-57248 entry concerns Foxit PDF Editor/Reader where opening a PDF and performing JavaScript to write annotation attributes can bypass object type/argument checks, corrupting the internal annotation structure and causing a crash on release. This is described as a local, user-interactio...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday14 views

CVE-2026-57248 Foxit PDF Editor/Reader Annotation Improper Release Vulnerability

When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release...

7.8CVSS0.00116EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday18 views

Emby Server - Authentication Bypass

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS7AI score0.01713EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago5 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-55435

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, AI Bridge proxy endpoints authenticate via Server.IsAuthorized in coderd/aibridgedserver, which validates key format, expiry, secret...

5.4CVSS6AI score0.0032EPSS
Exploits0References8Affected Software1
Nuclei
Nuclei
added 2 days ago57 views

Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation CNCF as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to...

9.8CVSS5.8AI score0.33618EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2 days ago15 views

Important: Red Hat Security Advisory: RHACS 4.9.9 security and bug fix update

Updated images are now available for Red Hat Advanced Cluster Security RHACS, which typically include new features, bug fixes, and/or security patches. See the release notes link in the references section for a description of the fixes and enhancements in this particular release...

9.4CVSS6.8AI score0.00813EPSS
Exploits0References19
OSV
OSV
added 2 days ago3 views

PYSEC-2026-1447 Insecure Jinja2 templates rendered in Haystack Components can lead to RCE

Impact Haystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions. Certain Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code. Patches The problem has been fix...

7.7CVSS6.1AI score0.01171EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2 days ago4 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.28 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.28 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

9.2CVSS6AI score0.00848EPSS
Exploits1References3
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42035

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection. This issue affects Liman MYS: before release.Master.1107...

8.8CVSS5.9AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-13696

HAVELSAN Inc. Liman MYS is affected by CVE-2026-13696 due to improper neutralization of special elements in LDAP queries (LDAP injection) in versions prior to release.Master.1107. The issue enables network-based LDAP injection with high impact on confidentiality, integrity, and availability (CVSS...

8.8CVSS5.9AI score0.00355EPSS
Exploits0References1
Rows per page
Query Builder