34998 matches found
OESA-2026-2819 gnome-tour security update
A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...
OESA-2026-2817 gnome-tour security update
A guided tour and greeter for GNOME.Tour uses by default the logo of the distribution based on the info from /etc/os-release. The application comes with a feature to replace the logo with a welcome video shipped by the distribution. Security Fixes: slab is a pre-allocated storage for a uniform da...
CVE-2026-14800
Technical details (affected versions, root cause, exploit specifics) are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-41813
A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...
CVE-2026-14800
A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...
EUVD-2026-41810
A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...
ROOT-OS-DEBIAN-13-CVE-2025-71133 CVE-2025-71133 in rootio-linux - Patched by Root
Root has patched CVE-2025-71133 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-39691 CVE-2025-39691 in rootio-linux - Patched by Root
Root has patched CVE-2025-39691 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-71138 CVE-2025-71138 in rootio-linux - Patched by Root
Root has patched CVE-2025-71138 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-39684 CVE-2025-39684 in rootio-linux - Patched by Root
Root has patched CVE-2025-39684 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23471 CVE-2026-23471 in rootio-linux - Patched by Root
Root has patched CVE-2026-23471 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23312 CVE-2026-23312 in rootio-linux - Patched by Root
Root has patched CVE-2026-23312 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
UBUNTU-CVE-2026-14786
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function rstrwordget0set of the file libr/util/str.c. The manipulation results in integer overflow. The attack must be initiated from a local position. The exploit has been released to the public and may be use...
PT-2026-56025
Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.474 Description The buildHelperImage function in app/Livewire/Settings/Index.php constructs a Docker build command using the dev helper version field without proper shell escaping. This allows an attacker w...
PT-2026-56021
Name of the Vulnerable Software and Affected Versions mrubyc versions prior to 3.4.2 Description An out-of-bounds read occurs during the builtin missing-method lookup within the mrbc find method function. Recommendations Update to a version newer than 3.4.1. As a temporary mitigation, restrict th...
ALSA-2026:35892 Important: nodejs:22 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...
Debian dsa-6381 : ata-modules-6.12.90+deb13-armmp-di - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6381 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/securit...
CVE-2026-14760 radareorg radare2 regprofile disasm.c r_core_seek_arch_bits use after free
A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function rcoreseekarchbits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made availabl...
CVE-2026-14750
A security flaw has been discovered in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The affected element is the function Notescontroller::accessingdictionaryauthorization of the file application/PHP/objects/notes/accessingdictionaryauthorization.php. The manipulation of the...
CVE-2026-14751
A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...