Astra Linux – Vulnerability in Thunderbird
Previously, Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp. However, this behavior was changed so that the files were downloaded to /tmp, where they could be affected by other local users. This behavior has been reverted to the original,...
CVE-2026-27410
Unauthenticated Deserialization of untrusted data in Slimstat Analytics 5.4.0 versions...
PT-2026-50560
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The unarchive internal module's archive extraction commands lack code-level validation for extracted file paths. This causes the module to rely on the behavior o...
CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3
CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3. An upgraded version of the package is available that resolves this issue...
CVE-2026-3219 affecting package python-pip for versions less than 24.2-8
CVE-2026-3219 affecting package python-pip for versions less than 24.2-8. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2026-42320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary file...
Kibana 8.x < 8.19.16 / 9.0.x < 9.3.5 / 9.4.x < 9.4.1 DoS (ESA-2026-32)
The version of Kibana installed on the remote host is prior to 8.19.16, 9.3.5, or 9.4.1. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-32 advisory. - Uncontrolled Resource Consumption CWE-400 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-13...
CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6
CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...
CVE-2026-8980
The Mennekes Amtron series firmware versions ≤ 5.22.3 are vulnerable to privilege escalation. An authenticated low-privileged user can change the passwords of the admin operator and manufacturer accounts via crafted POST requests...
Amazon Linux 2023 : libpq, libpq-devel (ALAS2023-2026-1711)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1711 advisory. Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export, lo_read, lo_lseek64, and lo_tell64 functions allows the server superuser to overwrite a client stack...
CVE-2026-6861 affecting package emacs for versions less than 29.4-4
CVE-2026-6861 affecting package emacs for versions less than 29.4-4. A patched version of the package is available...
CVE-2026-31682 affecting package kernel for versions less than 6.6.134.1-2
CVE-2026-31682 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2026-31496 affecting package kernel for versions less than 6.6.134.1-2
CVE-2026-31496 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2026-31623 affecting package kernel for versions less than 6.6.137.1-1
CVE-2026-31623 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-31689 affecting package kernel for versions less than 6.6.137.1-1
CVE-2026-31689 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-31525 affecting package kernel for versions less than 6.6.134.1-2
CVE-2026-31525 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2026-31586 affecting package kernel for versions less than 6.6.137.1-1
CVE-2026-31586 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-27312 Bridge | Heap-based Buffer Overflow (CWE-122)
Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-33456 Potential livestatus injection in notification test
Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...
CVE-2026-35177 affecting package vim for versions less than 9.2.0315-1
CVE-2026-35177 affecting package vim for versions less than 9.2.0315-1. An upgraded version of the package is available that resolves this issue...