45 matches found
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.16.2 security update
Red Hat Advanced Cluster Management for Kubernetes 2.16 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.16 images Red Hat Advanced Cluster Management for Kubernetes provides...
PT-2026-39410
Name of the Vulnerable Software and Affected Versions Next.js versions 10.0.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description When self-hosting with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size...
CVE-2026-34238 ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has be...
CVE-2018-25252 FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP...
CLEANSTART-2026-EQ51133 Security fixes for CVE-2023-5870, CVE-2024-7348, CVE-2025-8713, CVE-2025-8714, CVE-2025-8715 applied in versions: 16.1-r0, 16.2-r0, 16.4-r0, 17.6-r0
Multiple security vulnerabilities affect the postgresql package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-86VQ-CCWF-RM62 Umbraco.Engage.Forms Allows Unauthorized Access to Multiple API Endpoints
Description A vulnerability has been identified in Umbraco Engage where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the network without requiring a valid session or user credentials. By supplying ...
CVE-2026-27449
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the...
PT-2026-21993
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.2 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 GitLab CE/EE versions 18.9 through 18.9.0 Description A flaw exists in GitLab CE/EE that, under specific conditions, could allow an unauthenticated user to...
CVE-2022-42845
The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges...
CVE-2024-10484
The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Team' widget in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-39585
creationtimestamp| type| source ---|---|--- 2025-04-16 12:57:06+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12035 2025-04-16 14:44:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmwtcckwej2z 2025-04-16 16:02:56+00:00| seen| https://t.me/cvedetector/23098...
WordPress Happy Addons for Elementor plugin <= 3.16.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin Happy Addons for Elementor versions = 3.16.2...
CVE-2022-43454
A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges...
EnterpriseDB Postgres Advanced Server 安全漏洞
EnterpriseDB Postgres Advanced Server EPAS is an application from EnterpriseDB, Inc. used to extend the functionality of Postgres databases. A security vulnerability exists in EnterpriseDB Postgres Advanced Server that stems from allowing files to be read that they would otherwise not be able to...
Red Hat OpenStack Platform 资源管理错误漏洞
Red Hat OpenStack Platform is a cloud computing management platform from Red Hat, Inc. A resource management error vulnerability exists in Red Hat OpenStack Platform versions 16.1 and 16.2, which stems from the presence of uncontrolled resource consumption...
SUSE CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The...
CVE-2022-46710
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Location data may be shared via iCloud links even if Location metadata is disabled via the Share Sheet...
DEBIAN-CVE-2022-32919
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing...
Autodesk Desktop Connector Code Issue Vulnerability
Autodesk Desktop Connector is a desktop connection software from Autodesk, Inc. A security vulnerability exists in Autodesk Desktop Connector 16.2.1 and earlier versions, which stems from a maliciously crafted DLL file that could be forced to install to a non-default location and could be used by...
GitLab Enterprise Edition Security Vulnerability
GitLab Enterprise Edition EE is a content management system from the US-based GitLab, Inc. A security vulnerability exists in GitLab Enterprise Edition that stems from a security hole when updating a target branch. Affected products and versions: GitLab EE versions 15.3 through 16.2.8 prior, 16.3...