7103 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in curl's cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an...
Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview
A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsdebug is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: airoha: Fixed the issue related to qid reporting in the airohatcgethtbgetleafqueue routine. Fixed the following kernel warnings when deleting HTB offloaded leafs and/or root HTB qdisc in the airohaeth driver, ensuring tha...
Malicious code in twrap-toolkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174cba09d5ec9724bd55871c7f74c27ff8592bf55c06464204e0591667377259 twraptoolkit/init.py defines getpayload which issues a plaintext HTTP request to http://194.5.152.9:8080/hacks/textwrap-toolkit/textwraptoolkit/init....
curl: Secure cookies leaked to HTTP origins through HTTPS forwarding proxy
Summary: When curl accesses an http:// origin through an HTTPS forwarding proxy, it sends Secure cookies in the request. The cookies travel in cleartext between the proxy and the origin server, visible to the proxy operator and anyone on that network path. curl also reports CURLINFOSCHEME as...
EUVD-2026-36640
A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...
CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites
A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...
CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites
A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...
PT-2026-49075
Name of the Vulnerable Software and Affected Versions libreport affected versions not specified Description A symlink following issue exists in the ABRT post-create event handler scripts. These scripts write output files using shell redirections without the O NOFOLLOW flag a flag that prevents a...
aetherion
/\ | | | | | |...
Cloud Files Security Review Tool
This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...
June 9, 2026—KB5094123 (OS Build 17763.8880)
June 9, 2026—KB5094123 OS Build 17763.8880 Summary This article lists the security issues and quality improvements included in this cumulative security update. Windows Server 2019Windows 10, version 1809 Applies to: Windows Server 2019This security update includes fixes and quality improvements...
AnSploit
Ansploit v2.0 — Android Network Security & Exploitation Toolki...
CVE-2026-11120
An insufficient validation of untrusted input flaw was found in the Enterprise Reporting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501467566...
SUSE CVE-2026-11120
Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
Google Chrome < 149.0.7827.53 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...
Google Chrome < 149.0.7827.53 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...