12475 matches found
CVE-2026-0259
An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...
[SECURITY] Fedora 43 Update: rust-sequoia-wot-0.15.2-1.fc43
An implementation of OpenPGP's web of trust...
Security Update for Microsoft Visual Studio Code Nx-Console Extension (CVE-2026-48027)
The Microsoft Visual Studio Code Nx-Console Extension is version 18.95.0. It is, therefore, affected by an embedded malicious code vulnerability. The compromised extension fetched an obfuscated payload that could harvest credentials from multiple sources on disk and in memory. Note that Nessus ha...
EUVD-2025-210052
SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...
CVE-2026-45372
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...
[SECURITY] Fedora 43 Update: perl-Sereal-Decoder-5.005-1.fc43
This library implements a deserializer for an efficient, compact-output, and feature-rich binary protocol called Sereal...
[SECURITY] Fedora 43 Update: perl-Sereal-Encoder-5.005-1.fc43
This library implements an efficient, compact-output, and feature-rich serializer using a binary protocol called Sereal...
openSUSE 16 Security Update : cups (openSUSE-SU-2026:20812-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20812-1 advisory. This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. -...
Jupyter Server vulnerable to open redirect
Overview Jupyter Server provided by Jupyter Development Team contains the vulnerability listed below. Open redirect CWE-601 - CVE-2025-61669 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA and the developer. JPCERT/CC coordinated with the developer to publish t...
[SECURITY] Fedora 44 Update: rrdtool-1.9.0-11.fc44
RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data i.e. network bandwidth, machine-room temperature, server load average. It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data t...
ALSA-2026:21706 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...
CVE-2026-44830
Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...
[SECURITY] Fedora 42 Update: rust-sequoia-git-0.6.0-2.fc42
A tool for managing and enforcing a commit signing policy...
.NET 10.0 security update
10.0.108-1.0.1 - Add support for Oracle Linux 10.0.108-1 - Update to .NET SDK 10.0.108 and Runtime 10.0.8 - Resolves: RHEL-173906...
RHEL 9 : .NET 8.0 (RHSA-2026:21293)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21293 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
TencentOS Server 3: thunderbird (TSSA-2026:0360)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0360 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
MAL-2026-4368 Malicious code in @beyondbday/vibe-terminal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9859c1af428f41ba7f7eb2a1db744705f5644ff2422629d94e3de1ecb59c9405 On every launch of the vibe CLI, dist/vibe.js queries the npm registry for the latest version of @beyondbday/vibe-terminal and, if newer than the...
CVE-2026-9490 Acer Care Center creates a Named Pipe with a weak Security Descriptor
A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...
PT-2026-43021
Name of the Vulnerable Software and Affected Versions Acer Care Center affected versions not specified Description The ACCSvc service creates a Named Pipe with a weak Security Descriptor. This allows an authenticated local user to connect and send a specially crafted message of type 0x03 to the...
mcphost-0.34.0-5.1 on GA media (moderate)
mcphost-0.34.0-5.1 on GA media Announcement ID: openSUSE-SU-2026:10845-1 Rating: moderate Cross-References: CVE-2026-33814 CVE-2026-39827 CVE-2026-39831 CVE-2026-39832 CVE-2026-39835 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-39827 SUSE : 6.5...