736 matches found
EUVD-2026-42819
Out-of-bounds write in libpadm.so library prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code...
CVE-2026-53963
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second factor name on an attacker-controlled account was not escaped in the delete confirmation dialog, allowing stored cross-site scripting when an administrator impersonated that...
Use of Cache Containing Sensitive Information
Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information in the UpdateCacheMiddleware and cachepage process when responses that vary on...
CVE-2026-40047
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Apache Camel Docling component. The camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through...
ROOT-OS-UBUNTU-2404-CVE-2026-23458 CVE-2026-23458 in rootio-linux - Patched by Root
Root has patched CVE-2026-23458 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
PT-2026-55488
Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.31 PHP versions 8.3.0 through 8.3.31 PHP versions 8.4.0 through 8.4.22 PHP versions 8.5.0 through 8.5.7 Description The OpenSSL extension contains a buffer allocation flaw in the AES-WRAP-PAD algorithm...
SUSE-SU-2026:2597-1 Security update for podman
This update for podman rebuilds it against the current go security release...
SUSE-SU-2026:2595-1 Security update for rekor
This update for rekor rebuilds it against the current go security release...
PT-2026-51022
Name of the Vulnerable Software and Affected Versions Node.js version 22 Node.js version 24 Node.js version 26 Description A flaw in the Node.js HTTP Agent allows a client to accept a response as valid even if it was sent before the client transmitted the request. This issue has caused real-world...
SUSE-SU-2026:2452-1 Security update for rootlesskit
This update for rootlesskit rebuilds it against the current go security release...
SUSE-SU-2026:2451-1 Security update for rootlesskit
This update for rootlesskit rebuilds it against the current go security release...
SUSE-SU-2026:2420-1 Security update for container-suseconnect
This update for container-suseconnect rebuilds it against the current go security release...
SUSE-SU-2026:2416-1 Security update for buildah
This update for buildah rebuilds it against the current go security release...
SUSE-SU-2026:2415-1 Security update for buildah
This update for buildah rebuilds it against the current go security release...
SUSE-SU-2026:2414-1 Security update for runc
This update for runc rebuilds it against the current go security release...
SUSE-SU-2026:2413-1 Security update for distribution
This update for distribution rebuilds it against the current go security release...
SUSE-SU-2026:2407-1 Security update for containerized-data-importer
This update for containerized-data-importer rebuilds the current sources against latest go security release and the images against the latest released updates...
[SECURITY] Fedora 43 Update: thunderbird-149.0.1-3.fc43
Mozilla Thunderbird is a standalone mail and newsgroup client...
Chromium: CVE-2026-10948 Use after free in WebRTC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Security update for podman
This update for podman rebuilds it against the current go security release. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your product: openSUSE Leap 15.4...