26098 matches found
ROOT-OS-UBUNTU-2404-CVE-2025-68756 CVE-2025-68756 in rootio-linux - Patched by Root
Root has patched CVE-2025-68756 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38143 CVE-2025-38143 in rootio-linux - Patched by Root
Root has patched CVE-2025-38143 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21790 CVE-2025-21790 in rootio-linux - Patched by Root
Root has patched CVE-2025-21790 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38055 CVE-2025-38055 in rootio-linux - Patched by Root
Root has patched CVE-2025-38055 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40107 CVE-2025-40107 in rootio-linux - Patched by Root
Root has patched CVE-2025-40107 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-68349 CVE-2025-68349 in rootio-linux - Patched by Root
Root has patched CVE-2025-68349 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31776 CVE-2026-31776 in rootio-linux - Patched by Root
Root has patched CVE-2026-31776 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31440 CVE-2026-31440 in rootio-linux - Patched by Root
Root has patched CVE-2026-31440 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40196 CVE-2025-40196 in rootio-linux - Patched by Root
Root has patched CVE-2025-40196 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39745 CVE-2025-39745 in rootio-linux - Patched by Root
Root has patched CVE-2025-39745 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-46184 CVE-2026-46184 in rootio-linux - Patched by Root
Root has patched CVE-2026-46184 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-28490 CVE-2026-28490 in rootio-Authlib - Patched by Root
Root has patched CVE-2026-28490 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...
Altenergy Power Control Software C1.2.5 - Remote Command Injection
Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...
CVE-2026-11477 hs-web hsweb-framework OAuth2 Client OAuth2Client.java OAuth2Client redirect
A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in op...
CVE-2026-11470
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
CVE-2026-11470
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
Important: ruby4.0
Issue Overview: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in...
PT-2026-47624
Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...
TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes
Impact Stored XSS vulnerability via unsanitized data-mce- attributes data-mce-href, data-mce-src, data-mce-style. Allows attackers to inject malicious values that override safe attributes during serialization, bypassing validation. Patches Patched by stripping unsafe data-mce- attributes during...
CVE-2026-8124
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidxboxread of the file src/isomedia/boxcodebase.c. The manipulation leads to allocation of resources. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The...