121510 matches found

Positive Technologies
added 2026/05/06 12:0 a.m. | 11 views

PT-2026-37648

Name of the Vulnerable Software and Affected Versions: Cisco Unity Connection (affected versions not specified). Description: Insufficient validation of user-supplied input in the web-based management interface allows an authenticated remote attacker to execute arbitrary code as root. This is achieved...

CVSS: 9 | AI score: 6.2 | EPSS: 0.00696
Exploits: 0 | References: 10

Redos
added 2026/05/06 12:0 a.m. | 4 views

ROS-20260506-73-0044

Vulnerability in erlang related to flaws in HTTP request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request (HTTP request smuggling attack)...

CVSS: 9.4 | AI score: 7.2 | EPSS: 0.00528
Exploits: 0

Positive Technologies
added 2026/05/06 12:0 a.m. | 12 views

PT-2026-38309

Name of the Vulnerable Software and Affected Versions: MISP modules versions 3.0.7 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue in the MISP Modules website allows an attacker to trick an authenticated user into submitting unintended requests to the "/home" endpoint. This occurs...

CVSS: 9.3 | AI score: 5.8 | EPSS: 0.00185
Exploits: 0 | References: 5

Positive Technologies
added 2026/05/06 12:0 a.m. | 8 views

PT-2026-37474

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Bluetooth L2CAP component fails to perform a key size check when receiving L2CAP_LE_CONN_REQ. This missing validation is contrary to the L2CAP/LE/CFC/BV-15-C requirement, which expec...

CVSS: 8.1 | AI score: 5.4 | EPSS: 0.00177
Exploits: 0 | References: 67

Positive Technologies
added 2026/05/06 12:0 a.m. | 9 views

PT-2026-37520

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the kaweth_set_rx_mode function, which serves as the ndo_set_rx_mode callback. This function incorrectly calls netif_stop_queue and netif_wake_queue, which are TX queu...

CVSS: 7.8 | AI score: 5.5 | EPSS: 0.00129
Exploits: 0 | References: 129

CNNVD
added 2026/05/06 12:0 a.m. | 6 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a URB leak in the pvr2_send_request_ex function. This vulnerability may lead to the submission of write...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00128
Exploits: 0 | References: 1

CNNVD
added 2026/05/06 12:0 a.m. | 10 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from manipulating the TX queue in the kaweth_set_rx_mode function. This vulnerability may lead to the...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00129
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/06 12:0 a.m. | 13 views

PT-2026-37563

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the pvrusb2 media component where the pvr2_send_request_ex function fails to handle a scenario where a write USB Request Block (URB)—a data structure used for USB...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00128
Exploits: 0 | References: 54

Positive Technologies
added 2026/05/06 12:0 a.m. | 10 views

PT-2026-38317

Name of the Vulnerable Software and Affected Versions: Playwright Capture (affected versions not specified). Description: Playwright Capture fails to sufficiently restrict navigations and resource requests initiated by rendered pages. An attacker-controlled page can abuse browser-side redirection...

CVSS: 8.7 | AI score: 5.8 | EPSS: 0.00319
Exploits: 0 | References: 8

Positive Technologies
added 2026/05/06 12:0 a.m. | 10 views

PT-2026-37618

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified). Description: Stale rq->bio values in request-based device-mapper targets can cause double-initialization of cloned bios. This leads to use-after-free and double-free scenarios. For instance, when usin...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00117
Exploits: 0 | References: 21

Tenable Nessus
added 2026/05/06 12:0 a.m. | 10 views

RHCOS 4 : OpenShift Container Platform 4.2.29 openshift (RHSA-2020:1527)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1527 advisory.

- kubernetes: Use of unbounded 'client' label in apiserver_request_total allows for memory exhaustion (CVE-2020-8552)

Note that Nessus has not...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.02408
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/06 12:0 a.m. | 7 views

RHCOS 4 : OpenShift Container Platform 4.4.8 openshift (RHSA-2020:2448)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2448 advisory.

- kubernetes: Server side request forgery (SSRF) in kube-controller-manager allows users to leak secret information (CVE-2020-8555)

Note that...

CVSS: 6.3 | AI score: 7.3 | EPSS: 0.03679
Exploits: 0 | References: 5

Tenable Nessus
added 2026/05/06 12:0 a.m. | 7 views

RHCOS 3 : OpenShift Container Platform 3.11.462 (RHSA-2021:2517)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2517 advisory.

- jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)
- jetty: buffer not correctly recycled in Gzip Request...

CVSS: 8.1 | AI score: 6.9 | EPSS: 0.7795
Exploits: 1 | References: 23

Tenable Nessus
added 2026/05/06 12:0 a.m. | 12 views

RHCOS 4 : OpenShift Container Platform 4.7.13 (RHSA-2021:2122)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2122 advisory.

- golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
- golang: ReadUvarint and...

CVSS: 8.1 | AI score: 5.8 | EPSS: 0.3783
Exploits: 0 | References: 15

Tenable Nessus
added 2026/05/06 12:0 a.m. | 12 views

RHCOS 4 : OpenShift Container Platform 4.4.3 haproxy (RHSA-2020:1936)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1936 advisory.

- haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value (CVE-2019-18277)
- haprox...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.60727
Exploits: 1 | References: 9

Redos
added 2026/05/06 12:0 a.m. | 7 views

ROS-20260506-73-0024

Vulnerability in tomcat related to flaws in HTTP request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request (HTTP request smuggling attack)...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00453
Exploits: 0

Redos
added 2026/05/06 12:0 a.m. | 6 views

ROS-20260506-73-0025

Vulnerability in tomcat10 related to a flaw in HTTP request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request (HTTP request smuggling attack)...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00453
Exploits: 0

Tenable Nessus
added 2026/05/06 12:0 a.m. | 7 views

RHCOS : OpenShift Container Platform 4.8.25 (RHSA-2021:5208)

The remote Red Hat Enterprise Linux CoreOS host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5208 advisory.

- haproxy: does not ensure that the scheme and path portions of a URI have the expected characters (CVE-2021-39240)
- haproxy: an HTTP...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.56083
Exploits: 5 | References: 12

Tenable Nessus
added 2026/05/06 12:0 a.m. | 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

- usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke The ChipIdea UDC driver can encounter not page aligned sg buffer errors when a USB device is reconnected...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00129
Exploits: 0 | References: 3

Positive Technologies
added 2026/05/06 12:0 a.m. | 19 views

PT-2026-37626

Name of the Vulnerable Software and Affected Versions: Gazelle versions prior to 0.50. Description: Improper header precedence allows HTTP Request Smuggling. The software incorrectly prioritizes the Content-Length header over Transfer-Encoding: chunked when both are present in an HTTP request,...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00319
Exploits: 0 | References: 10