3719 matches found
WordPress Themify Builder < 7.5.8 - Open Redirect
The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...
Gitea 1.22.0 - Cross-Site Scripting
Gitea 1.22.0 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability. This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session. id: CVE-2024-6886 info: name: Gitea 1.22.0 - Cross-Site Scripting...
ROOT-OS-UBUNTU-2204-CVE-2025-71289 CVE-2025-71289 in rootio-linux - Patched by Root
Root has patched CVE-2025-71289 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-46187 CVE-2026-46187 in rootio-linux - Patched by Root
Root has patched CVE-2026-46187 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
CVE-2023-37524
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...
Linux Distros Unpatched Vulnerability : CVE-2026-54275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existi...
MiracleLinux 8 : dracut-049-244.git20260529.el8_10 (AXSA:2026-806:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-806:01 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2026:2453-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2453-1 advisory. This update for java-1_8_0-ibm fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an unauthorized read acce...
Linux Distros Unpatched Vulnerability : CVE-2026-53703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the GStreamer RealMedia demuxer (gst-plugins-ugly). When processing a RealMedia .rm file, the demuxer parses MDPR media properties...
PT-2026-49616
CVE ID: CVE-2026-54295 Published: June 15, 2026, 6:32 p.m. | 1 hour, 18 minutes ago Description: None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Linux Distros Unpatched Vulnerability : CVE-2026-44492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY...
CVE-2026-42914
creationtimestamp | type | source
---|---|---
2026-06-09 15:44:28+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181
2026-06-09 16:12:18+00:00 | seen | https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...
CVE-2026-8784
A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...
CVE-2026-45776 Open XDMoD has Broken Access Control via Client-Controlled Session Variable
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...
Linux Distros Unpatched Vulnerability : CVE-2026-11192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via...
@beemstream/keystone-document-gallery (>=2.0.0 <=2.0.6), @k6js/admin-ui (>=0.3.0-20250618-02 <=0.4.7) +19 more potentially affected by CVE-2026-10802 via @keystone-6/core (>=1.1.1 <=6.5.2)
@keystone-6/core NPM version =1.1.1, =2.0.0, =0.3.0-20250618-02, =1.0.17, =1.0.19, =0.0.1, =2.1.0, =2.1.0-beta.0, =0.0.1-alpha.1, =1.0.0, =6.0.21, =1.0.0, =1.0.3, =1.0.12 and more Source cves: CVE-2026-10802 Source advisory: SNYK:JS-KEYSTONE6CORE-17179719...
UBUNTU-CVE-2026-46270
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed Using the devm variant for requesting IRQ before the devm variant for allocating/registering the power_supply handle, means that the power_supply handle will be...
arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.5.32) +47 more potentially affected by CVE-2026-48587 via django (>=6.0.0 <=6.0.5)
django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 and more Source cves: CVE-2026-48587 Source advisory: OSV:PYSEC-2026-198...
Linux Distros Unpatched Vulnerability : CVE-2025-71313
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Add missing NULL check for alloc_workqueue alloc_workqueue can return NULL on memory allocation failure. Without proper error checking, this may le...
CVE-2026-44881
creationtimestamp | type | source
---|---|---
2026-05-29 00:23:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmxbhnzpaf2w
2026-06-11 19:22:45+00:00 | seen | https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnzx6hyanz2x
2026-06-11 19:27:32+00:00 | seen |...