39136 matches found
CVE-2026-56334 Capgo - Missing UPDATE RLS Policy for Build Status Persistence
Capgo before 12.128.2 lacks an UPDATE row-level security policy for the buildrequests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to cause build status and error details to remain unpersisted, leaving buildreques...
CVE-2026-56333
Capgo before 12.128.2 is affected by a server-side validation bypass in organization security settings. The vulnerability lets authenticated org admins bypass backend validation by directly updating the public.orgs table from the browser, bypassing field-level checks such as max_apikey_expiration...
CVE-2026-56328
Capgo before 12.128.2 is affected by an integrity issue where multiple public channels for the same app/platform can coexist, and unnamed /updates requests without a defaultChannel may resolve to a hidden winner channel. An authorized app or channel manager can create an ambiguous default update ...
RHSA-2026:33285 Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Bulletin has no description...
Photon OS 5.0: Vim PHSA-2026-5.0-0908
An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0908. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid32392...
This Week in Spring - June 30th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring , a weekly recap in which we review the latest and greatest in the wide and wonderful world of Spring. You probably already knew this. I don't know if I needed to mention it. But I like to. I've been doing this every week,...
CVE-2026-43720
CVE-2026-43720 is a use-after-free vulnerability in Safari related to processing malicious web content, caused by a memory-management issue. The flaw could trigger an unexpected Safari crash. It is fixed in Safari 26.5.2 and affects iOS/iPadOS/macOS Tahoe updates (iOS 26.5.2, iPadOS 26.5.2, macOS...
CVE-2026-43717
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2026-43740
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory...
EUVD-2026-40122
The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters...
CVE-2026-49049 Joomla Extension - joomshaper.com - Unauthenticated access to Helix3 template ajax handler
The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters...
Important: Red Hat Security Advisory: OpenShift Virtualization v4.16 Images
Red Hat OpenShift Virtualization release v4.16 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.14-1.1.hum1 aarch64, x8664 python3.13-debug-3.13.14-1.1.hum1 aarch64, x8664 python3.13-devel-3.13.14-1.1.hum1 aarch64, x8664 python3.13-freethreading-3.13.14-1.1.hum1...
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18.0 shipped with IBM Cloud Pak for Business Automation iFixes for June 2026
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation June 2026 security fixes update this dependency beyond 4.18.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a CL...
RealTek Jungle SDK - Arbitrary Command Injection
There is a command injection vulnerability on the "formWsc" page of the management interface. Successful exploitation of this vulnerability could lead to remote code execution and compromise of the affected system. id: CVE-2021-35395 info: name: RealTek Jungle SDK - Arbitrary Command Injection...
About the security content of iOS 26.5.2 and iPadOS 26.5.2
About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...
Important Photon OS Security Update - PHSA-2026-4.0-1045
Updates of 'gst-plugins-bad' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2026-53057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT ...
RHSA-2026:27197 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Bulletin has no description...
EulerOS 2.0 SP15 : libcap (EulerOS-SA-2026-2487)
According to the versions of the libcap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function...