4 matches found
EUVD-2026-25629
Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing authority to write files outside intended output directories via absolute target names in copytarget/linktarget, symlinked parent directories in savetarget, or symlinked...
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2025:1344-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1344-1 advisory. - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from...
Cross site scripting
Reflected cross-site scripting (XSS) vulnerability in RackTables v0.22.0 and before allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php...
CVE-2023-49453
RackTables (versions prior to 0.22.0) is affected by a reflected XSS in the search component (index.php?page=search). The vulnerability allows remote/local attackers to execute arbitrary JavaScript in the context of the affected page, potentially exposing sensitive information. The root cause is ...