3042 matches found
CVE-2026-6873
A flaw was found in Django. A remote attacker could exploit a non-injective salt derivation in django.http.HttpRequest.getsignedcookie by crafting specific cookie name and salt argument pairs. This vulnerability allows the attacker to use a signed cookie in a different context than intended,...
CVE-2026-6873
An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...
CVE-2025-41259
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
CVE-2026-6873 Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie
An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...
CVE-2026-6873 Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie
An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...
EUVD-2026-34086
An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.getsignedcookie in Django uses a non-injective salt derivation concatenating the cookie name and salt argument, which allows a remote attacker to use a cookie in a context different from the one wher...
EUVD-2025-210052
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
CVE-2025-41259
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
CVE-2025-41259
SWUpdate (affected before 2026.05) suffers a TOCTOU race in the signed update process, enabling local unprivileged users to escalate to root or install untrusted contents. No exploitation vectors are detailed beyond this description; remediation/version details are not explicitly stated in the pr...
CVE-2025-41259 SWUpdate Untrusted Script Execution via Signed Update TOCTOU
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
CVE-2025-41259 SWUpdate Untrusted Script Execution via Signed Update TOCTOU
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
PT-2026-45914
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions
A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...
Dstack-Capsule: Pod-Level Remote Attestation for Confidential Workloads on Kubernetes
The rise of LLM-as-a-Service and other confidential cloud workloads demands cryptographic proof that user data is processed in a trusted, untampered environment. Existing solutions, notably Confidential Containers CoCo, enforce a strict "one Pod per VM" model that attests only the Guest OS stack,...
kas checks out SHA-like git branches as valid commits
Impact When relying solely on a git commit ID SHA-1 or SHA-256 to qualify if a checkout of a repository is equivalent to the state validated while adding its commit ID to a kas configuration, users may be tricked to check out a branch of the same name from this repository. This implies that the...
SUSE-SU-2026:21945-1 Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: - Get rid of "'naked' return found in MITIGATIONRETHUNK build" objtool warnings bsc1212841, bsc1263834 - update CUDA variant to 580.159.03 - update non-CUDA variant to 580.159.03 bsc1262749 - Fixes CVEs: CVE-2025-33221,...
SUSE-SU-2026:21882-1 Security update for nvidia-open-driver-G06-signed
This update for nvidia-open-driver-G06-signed fixes the following issues: - Get rid of "'naked' return found in MITIGATIONRETHUNK build" objtool warnings bsc1212841, bsc1263834 - update CUDA variant to 580.159.03 - update non-CUDA variant to 580.159.03 bsc1262749 - Fixes CVEs: CVE-2025-33221,...
php:8.2 security update
An update is available for module.libzip, php-pear, libzip, php-pecl-rrd, module.php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, module.php-pear, php-pecl-apcu. This update affects Rocky Linux 8. A Common Vulnerability Scoring Syst...
PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions
A flaw was found in PHP. Some functions, including urldecode, incorrectly pass signed characters to character type ctype functions. On certain systems, this can lead to accessing memory with a negative offset. This vulnerability can be exploited by an attacker to trigger a denial of service DoS,...
Important: Red Hat Security Advisory: php:8.2 security update
An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...