82309 matches found
GHSA-W5FC-G575-V9QJ vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-VPRH-JJ4G-R8H9 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-53353
In the Linux kernel, the following vulnerability has been resolved: hsr: Remove WARNONCE in hsraddrisself. syzbot reported the warning 0 in hsraddrisself, whose assumption is simply wrong. hsr-selfnode is cleared in hsrdelselfnode, which is called from hsrdellink. Since dev-rtnllinkops-dellink is...
GHSA-P3QW-GCRH-3PQ6 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2026-7322 vulnerabilities
Vulnerabilities for packages: firefox...
GHSA-C6CH-GP25-6CPV vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-366C-RRQJ-7GMP vulnerabilities
Vulnerabilities for packages: chromium...
UBUNTU-CVE-2026-53353
In the Linux kernel, the following vulnerability has been resolved: hsr: Remove WARNONCE in hsraddrisself. syzbot reported the warning 0 in hsraddrisself, whose assumption is simply wrong. hsr-selfnode is cleared in hsrdelselfnode, which is called from hsrdellink. Since dev-rtnllinkops-dellink is...
CVE-2026-53353
The CVE-2026-53353 entry concerns the Linux kernel HSR subsystem. A timing window exists where hsr->self_node can be absent because hsr_del_self_node() clears self_node in hsr_dellink() and dellink() may complete before unregister_netdevice_many(), leaving a race that can affect self-node chec...
EUVD-2026-40987
In the Linux kernel, the following vulnerability has been resolved: hsr: Remove WARNONCE in hsraddrisself. syzbot reported the warning 0 in hsraddrisself, whose assumption is simply wrong. hsr-selfnode is cleared in hsrdelselfnode, which is called from hsrdellink. Since dev-rtnllinkops-dellink is...
CGA-RM6G-2FQ2-C9WX
Bulletin has no description...
CVE-2026-12577
DVP80ES3 with Improperly Implemented Security Check for Standard vulnerability...
CVE-2026-56233
creationtimestamp| type| source ---|---|--- 2026-07-01 03:07:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpkjzfrh7s2o...
Linux Distros Unpatched Vulnerability : CVE-2026-13938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
CVE-2026-58373
CVAT before 2.69.0 contains an improper authorization vulnerability in QualityReportViewSet.getqueryset that allows authenticated attackers to enumerate quality report identifiers belonging to other organizations by exploiting a missing checkobjectpermissions call on the parentid query parameter ...
CVE-2026-58375
JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication and authorization, and the export service streams the rendered report for any supplied report id...
CVE-2026-58375
JimuReport up to version 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication. The handler is annotated @JimuNoLoginRequired, allowing JimuReportTokenInterceptor to skip auth, and the export service streams the rendered report for any supplied report id without verifying t...
CVE-2026-58375
JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication and authorization, and the export service streams the rendered report for any supplied report id...
EUVD-2026-40362
JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication and authorization, and the export service streams the rendered report for any supplied report id...
CVE-2026-58375 JimuReport 2.5.0 - Unauthenticated Report Export via /jmreport/auto/export
JimuReport through 2.5.0 exposes the POST /jmreport/auto/export endpoint without authentication: the handler is annotated @JimuNoLoginRequired, so JimuReportTokenInterceptor skips all authentication and authorization, and the export service streams the rendered report for any supplied report id...