22 matches found
Chromium: CVE-2026-11122 Inappropriate implementation in Keyboard
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-9991 Inappropriate implementation in Media
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-9124 Insufficient validation of untrusted input in Input
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8514 Use after free in Aura
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8006 Insufficient policy enforcement in DevTools
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2025-206829
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance...
CVE-2025-15329 Tanium addressed an information disclosure vulnerability in Threat Response.
Tanium addressed an information disclosure vulnerability in Threat Response...
EUVD-2025-206520
Tanium addressed a SQL injection vulnerability in Asset...
PT-2026-5239
Tanium addressed a SQL injection vulnerability in Asset...
CVE-2025-46294
To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This...
Chromium: CVE-2025-13634 Inappropriate implementation in Downloads
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11216 Inappropriate implementation in Storage
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2024-45797
CVE-2024-45797 affects LibHTP prior to 0.5.49, where unbounded processing of HTTP request/response headers can cause excessive CPU and memory usage, leading to DoS-like slowdowns. The issue is addressed in LibHTP 0.5.49. Public disclosures in Ubuntu USN-7814-1 and Debian DLA-4295-1, and related O...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to a Pillow arbitrary code execution vulnerability.
Summary: A potential Pillow arbitrary code execution vulnerability has been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2023-50447 DESCRIPTION:...
CVE-2023-49276
Uptime Kuma is an open source self-hosted monitoring tool. In affected versions the Google Analytics element is vulnerable to attribute injection leading to Cross-Site Scripting (XSS). Since the custom status interface can set an independent Google Analytics ID and the template has not been...
Server-side request forgery (SSRF)
PostHog provides open-source product analytics, session recording, feature flagging and A/B testing that you can self-host. A server-side request forgery (SSRF), which can only be exploited by authenticated users, was found in PostHog. PostHog did not verify whether a URL was local when enabling...
Design/Logic Flaw
Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and before 24.0.9 a user could escalate their permissions to delete files that they were not supposed to be able to delete, only to view or download. This issue has been addressed and it is recommended that the...
CVE-2022-22997
Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices...
CVE-2022-22998
Implemented protections on AWS credentials that were not properly protected...