Lucene search
K

4341 matches found

OPENSUSE Linux
OPENSUSE Linux
added 5 days ago6 views

Security update for transmission (moderate)

openSUSE Security Update: Security update for transmission Announcement ID: openSUSE-SU-2026:0237-1 Rating: moderate References: 1267404 Cross-References: CVE-2026-38978 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...

5.3CVSS6.1AI score0.00305EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - freerdp2 - None freerdp3 - None Ubuntu Linux - Out-of-bounds read in H.264 YUV-to-RGB conversion due to decoder/surface dimension mismatch...

6.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.11 views

Debian dsa-6381 : ata-modules-6.12.90+deb13-armmp-di - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6381 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/securit...

9.8CVSS6.6AI score0.00497EPSS
Exploits5References52
Debian
Debian
added 2026/07/05 7:9 p.m.8 views

[SECURITY] [DSA 6381-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2026 https://www.debian.org/security/faq -...

9.8CVSS6.7AI score0.00497EPSS
Exploits5
OSV
OSV
added 2026/06/30 12:1 p.m.2 views

SUSE-SU-2026:2713-1 Security update for tracker

This update for tracker fixes the following issues: - CVE-2026-1765: heap buffer overflow vulnerability in extracttxxxtags bsc1257607. - CVE-2026-1766: heap buffer overflow vulnerability in getid3v23tags bsc1257608...

6.1CVSS6AI score0.00158EPSS
Exploits1References5
NVD
NVD
added 2026/06/26 2:16 a.m.11 views

CVE-2026-50739

A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the tracker-campaigns.php script in Revive Adserver 6.0.7 and earlier. As a result, a low‑privileged user could link their trackers to...

4.3CVSS0.00287EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/26 1:11 a.m.44 views

CVE-2026-50739

A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the tracker-campaigns.php script in Revive Adserver 6.0.7 and earlier. As a result, a low‑privileged user could link their trackers to...

4.3CVSS0.00287EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/26 1:11 a.m.14 views

EUVD-2026-39601

A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the tracker-campaigns.php script in Revive Adserver 6.0.7 and earlier. As a result, a low‑privileged user could link their trackers to...

4.3CVSS5.8AI score0.00287EPSS
Exploits2References1
CVE
CVE
added 2026/06/26 1:11 a.m.21 views

CVE-2026-50739

Revive Adserver 6.0.7 and earlier expose a bypass of ownership validation in the reverse operation that links campaigns and trackers via tracker-campaigns.php. A low-privilege user could link their trackers to campaigns owned by other managers on the same instance, causing inconsistent ownership ...

4.3CVSS5.8AI score0.00287EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/06/24 9:16 p.m.9 views

CVE-2026-52808

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS0.00478EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:27 p.m.5 views

CVE-2026-52808

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS5.9AI score0.00478EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/24 8:27 p.m.29 views

CVE-2026-52808 Gogs: Write-level collaborators can mutate admin-only repository settings via API

Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...

7.1CVSS0.00478EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 5:3 p.m.3 views

GHSA-268J-37XF-PP52 Gogs's write-level collaborators can mutate admin-only repository settings via API

Summary Three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent operations in the web UI sit behind reqRepoAdmin, which requir...

7.1CVSS6AI score0.00478EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/23 5:3 p.m.9 views

Gogs's write-level collaborators can mutate admin-only repository settings via API

Summary Three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent operations in the web UI sit behind reqRepoAdmin, which requir...

7.1CVSS6AI score0.00478EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/23 4:14 p.m.33 views

CVE-2026-34913

A missing access control check when linking trackers to campaigns through the campaign-trackers.php script of Revive Adserver 6.0.6 and earlier could allow a low‑privileged user to link their trackers to campaigns owned by other managers on the same instance, resulting in inconsistent ownership...

4.3CVSS0.00235EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.52 views

PT-2026-51626

Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description An authorization bypass exists where three API endpoints are protected by write-level middleware instead of administrator-level middleware. This allows a collaborator with write access to perfor...

7.1CVSS5.9AI score0.00478EPSS
Exploits0References9
OSV
OSV
added 2026/06/19 6:48 a.m.14 views

MAL-2026-6196 Malicious code in build-tracker-n5p1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e731775fde27ad6db493d20397b27eee9b4a6ea0bf515f9516cc974ea3e12619 Package name suggests build telemetry tooling, but the tarball ships beacon scripts beacon18.js, beaconlinux.js wired to a postinstall lifecycle hook...

5.8AI score
Exploits0References2
Debian
Debian
added 2026/06/17 12:20 p.m.11 views

[SECURITY] [DLA 4633-1] libreoffice security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4633-1 [email protected] https://www.debian.org/lts/security/ Rene Engelhard June 17, 2026 https://wiki.debian.org/LTS -...

7.8CVSS5.8AI score0.00171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS5.9AI score0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 2:16 a.m.12 views

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

8.1CVSS0.00246EPSS
Exploits1References2
Rows per page
Query Builder