12475 matches found
traefik-3.6.12-1.1 on GA media (moderate)
traefik-3.6.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:10444-1 Rating: moderate Cross-References: CVE-2026-32305 CVE-2026-32595 CVE-2026-32695 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all security issues...
[SECURITY] Fedora 42 Update: python3.11-3.11.15-2.fc42
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
CVE-2025-9497
Use of Hard-coded Credentials vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5.0...
[SECURITY] Fedora 44 Update: rust-reqsign-huaweicloud-obs-3.0.0-1.fc44
Huawei Cloud OBS signing implementation for reqsign...
CVE-2026-33874
Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik...
CVE-2021-27102
Accellion FTA 912411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA912416 and later...
SUSE: Security Advisory (SUSE-SU-2026:1041-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-59388
A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and later...
CVE-2026-31854
Cursor is a code editor built for programming with AI. Prior to 2.0 ,if a visited website contains maliciously crafted instructions, the model may attempt to follow them in order to “assist” the user. When combined with a bypass of the command whitelist mechanism, such indirect prompt injections...
PT-2026-28400
Name of the Vulnerable Software and Affected Versions Daylight Studio FuelCMS version 1.5.2 Description FuelCMS version 1.5.2 contains a SQL injection issue through the /controllers/Login.php component. The vulnerability is located in the /controllers/Login.php component and allows for potential...
EUVD-2026-15807
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths
Overview SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-33253 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-140.9.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
CVE-2026-20637
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system...
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2026-083-02)
The version of mozilla-thunderbird installed on the remote host is prior to 140.9.0esr. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-083-02 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...
CVE-2026-33046
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...
[SECURITY] Fedora 42 Update: mingw-openexr-3.3.8-1.fc42
MinGW Windows openexr library...
Advisory ROSA-SA-2026-3208
Software: webmin 2.520 WASP: ROSA-CHROME unaffected versions = webmin-2.520-1 affected versions webmin-2.520-1 CVE-ID: CVE-2025-61541 BDU-ID: 2025-14429 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getwebminemailurl function of the Webmin hosting control panel is related to access delimitatio...
Fedora 42 : wireshark (2026-a92f2096cd)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a92f2096cd advisory. New version 4.6.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Vulnerabilities fixed in Adobe Acrobat Reader
Adobe has fixed vulnerabilities in Adobe Acrobat Reader versions up to 25.001.21265. The vulnerabilities include a Use After Free vulnerability that can be exploited to achieve arbitrary code execution. This vulnerability is triggered when a user opens a maliciously crafted file. In addition, the...