PT-2026-45377

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incomplete authorization in the server allows authenticated connections to remove existing destinations when they possess the proper permissions...

CVE-2026-45571

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.1 and 6.0.0-alpha.4, a path validation issue in go-git could allow crafted repository data to affect files outside the intended checkout target, including the repository's .git directory. These validations were...

OESA-2026-1608 activemq security update

The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: A vulnerability classified as problematic has been found in Apache ActiveMQ Application Server Software.CWE is classifying the issue as CWE-190. The product performs a calculation that can produce...

Intel I350 Series Ethernet 安全漏洞

Intel I350 Series Ethernet is a series of Ethernet controllers from Intel Corporation USA. A security vulnerability exists in Intel I350 Series Ethernet prior to version 5.19.2, which stems from improper initialization and could lead to information disclosure...

Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information due to the storage of user credentials in an unencrypted format in the LocalStorage of a web browser. Remediation Upgrade openc3 to version 5.19.0 or higher. References - GitHub Commit Credit:...

PYSEC-2024-100

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting XSS vulnerability. This vulnerability is fixed in 5.19.0. Note: This CVE only affects Open Source Edition, and...

CVE-2024-6703

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ and 'btntxt' parameters in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...

Node.js: Regular Expression Denial of Service in Headers fetch API

Undici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the Headers.set and Headers.append methods are vulnerable to Regular Expression Denial of Service ReDoS attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normali...

ALPINE-CVE-2022-42719

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...

PT-2022-33311 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.6 Description: The issue is related to the net/mlx5 module, where an irq is not disabled when locking lag lock. This could potentially lead to security vulnerabilities, although the actual impact and attac...

PT-2022-33384 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.17 through v5.19.3 Description: The issue is related to the ASoC DPCM component. It was introduced in version v5.17 and fixed in version v5.19.4. The actual impact and attack plausibility have not yet been proven...

PT-2022-33474 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the removal of a UUID from the s390 debug log in the vfio/ccw component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

PT-2022-33562 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: A potential buffer overflow issue exists in the ni set mc special registers function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version...

PT-2022-33236 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.8 Description: The issue is related to the IFORCE XMIT RUNNING flag in the Linux Kernel. It was introduced in version v2.6.33 and is fixed in version v5.19.8. The actual impact and attack plausibility have...

PT-2014-1423

Name of the Vulnerable Software and Affected Versions file versions prior to 5.19 Red Hat Enterprise Linux file-static-5.04 Red Hat Enterprise Linux file-5.04 Red Hat Enterprise Linux file-debuginfo-5.04 Red Hat Enterprise Linux file-libs-5.04 Red Hat Enterprise Linux file-devel-5.04 Debian...