121681 matches found
GitLab CE/EE 跨站请求伪造漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 18.9.6, 18.10.4, and 18.11.1 had a...
PT-2026-34284
The Inquiry Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.2. This is due to missing nonce verification in the rd ic settings page function when processing settings form submissions. This makes it possible for unauthenticated...
openSUSE 16 Security Update : qemu (openSUSE-SU-2026:20567-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20567-1 advisory. Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests se...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013631)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013631 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element...
PT-2026-34275
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in ksmbd when processing compound requests, such as READ combined with QUERY INFOSecurity. If the initial command consumes most of the response buffer, ksmb...
PT-2026-34414
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular locking dependency exists in the NFC NCI component. The nci close device function flushes rx wq and tx wq while holding the req lock mutex. This creates a conflict because nci...
PT-2026-34320
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...
PT-2026-34445
An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013438 advisory. In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013772)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013772 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fix PCI device refcount leak in pchrequestdma As comment of pcigetslot says, it...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013863)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013863 advisory. In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine...
Linux Distros Unpatched Vulnerability : CVE-2026-31473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can...
Linux Distros Unpatched Vulnerability : CVE-2026-31513
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of- bounds read in l2capecredconnreq Syzbot reported a KASAN...
PT-2026-34286
Name of the Vulnerable Software and Affected Versions Call To Action Plugin versions prior to 3.1.4 Description The plugin is susceptible to Cross-Site Request Forgery due to missing nonce validation in the cbox options page function, which manages the saving, creation, and deletion of plugin...
CVE-2026-31192
Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the concurrent execution of MEDIAGRANT and VIDIOCREQBUFS, potentially leading to reuse after...
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 1.4.3 contained security vulnerabilities. These vulnerabilities stemmed from the HTTPUEContextTransfer handler’s lack of a default scenario in the Content-Type switch statement. When a...
Oracle MySQL Server InnoDB Denial of Service Vulnerability (CNVD-2026-18432)
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from the InnoDB component failing to properly...
actix-http has HTTP/1.1 CL.TE Request Smuggling
A vulnerability in actix-http's HTTP/1.1 request parser allows an unauthenticated remote client to smuggle requests in deployments where a front-end HTTP intermediary and the Actix backend disagree about whether Content-Length or Transfer-Encoding: chunked defines the request body length...
VulnCheck KEV: CVE-2026-33626
LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...