RHSA-2026:25381 Red Hat Security Advisory: flatpak security update
Bulletin has no description...
RHSA-2026:25253 Red Hat Security Advisory: runc security update
Bulletin has no description...
RHSA-2026:25251 Red Hat Security Advisory: containernetworking-plugins security update
Bulletin has no description...
RHSA-2026:25250 Red Hat Security Advisory: skopeo security update
Bulletin has no description...
RHSA-2026:25239 Red Hat Security Advisory: openssl security update
Bulletin has no description...
RHSA-2026:25248 Red Hat Security Advisory: podman security update
Bulletin has no description...
RHSA-2026:25237 Red Hat Security Advisory: openssl security update
Bulletin has no description...
RHSA-2026:25227 Red Hat Security Advisory: libsndfile security update
Bulletin has no description...
RHSA-2026:25222 Red Hat Security Advisory: .NET 10.0 security update
Bulletin has no description...
RHSA-2026:25221 Red Hat Security Advisory: .NET 9.0 security update
Bulletin has no description...
RHSA-2026:25219 Red Hat Security Advisory: redis:7 security update
Bulletin has no description...
RHSA-2026:25218 Red Hat Security Advisory: kernel security update
Bulletin has no description...
RHSA-2026:25216 Red Hat Security Advisory: valkey security update
Bulletin has no description...
BIT-GITLAB-2026-9694 Improper Neutralization of Substitution Characters in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that, under certain conditions, could have allowed an unauthenticated user to impersonate the GitLab Support Bot and inject arbitrary content via a specially...
BIT-GITLAB-2026-8589 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 13.1.4 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to add unauthorized email addresses to a targeted user's account due to improper...
BIT-GITLAB-2026-6976 Authorization Bypass Through User-Controlled Key in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to hide changes from merge request diff views due to...
BIT-GITLAB-2026-6552 Authorization Bypass Through User-Controlled Key in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 15.5 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with group Owner role to take over another group member's GitLab account due to improper...
BIT-GITLAB-2026-6277 Incorrect Authorization in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 13.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with Security Manager-role permissions to manage project security configuration even whe...
ECHO-1AE5-1AA8-8736
Bulletin has no description...
ECHO-C2A9-CB6F-D4B0
Bulletin has no description...
ECHO-EBFF-11FA-7124
Bulletin has no description...
ECHO-1D9F-02A2-CD6E
Bulletin has no description...
ECHO-A9BB-DC9E-FA5F
Bulletin has no description...
BIT-SQLITE-2026-11824 SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...
BIT-JENKINS-2026-53442
Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not encrypt secrets from POST config.xml submissions before storing them in job configurations unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission, or access to t...
BIT-JENKINS-2026-53440
Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not ensure that the "from" parameter in the "Delegate to servlet container" security realm is safe to redirect to after login, allowing attackers to perform phishing attacks by redirecting users to an attacker-controlled domain...
BIT-JENKINS-2026-53439
Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...
BIT-JENKINS-2026-53438
A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...
BIT-JENKINS-2026-53436
Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains relative path segments ./ or ../, allowing attackers to perform phishing attacks...
BIT-JENKINS-2026-53435
In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in Jenkins core or plugins from an attacker-controlled config.xml submission in a way that allows them to handle HTTP requests afterwards. This can be used to...
CGA-4VWC-3X55-4M28
Bulletin has no description...
MAL-2026-5683 Malicious code in trongapy (PyPI)
Source: kam193 (aacf2f97461deed6a022e67932b5b4af6e99163664e4de6b0a16256fd68a3cd4) Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
RLSA-2026:24984 Important: poppler security update
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication (CVE-2026-10118) For more details about the...
RLSA-2026:25113 Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...
CGA-9MQF-WXGF-RMVC
Bulletin has no description...
ROOT-APP-MAVEN-CVE-2025-48976 CVE-2025-48976 in io.root.commons-fileupload:commons-fileupload - Patched by Root
Root has patched CVE-2025-48976 in the io.root.commons-fileupload:commons-fileupload package for Root:Maven. Multiple fixed versions available...
DEBIAN-CVE-2026-44892
Bulletin has no description...
CGA-W7P7-2RQ5-8X24
Bulletin has no description...
CGA-R78V-2M6W-5437
Bulletin has no description...
ROOT-OS-DEBIAN-13-CVE-2026-31649 CVE-2026-31649 in rootio-linux - Patched by Root
Root has patched CVE-2026-31649 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-39816 CVE-2025-39816 in rootio-linux - Patched by Root
Root has patched CVE-2025-39816 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-46216 CVE-2026-46216 in rootio-linux - Patched by Root
Root has patched CVE-2026-46216 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23319 CVE-2026-23319 in rootio-linux - Patched by Root
Root has patched CVE-2026-23319 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-21751 CVE-2025-21751 in rootio-linux - Patched by Root
Root has patched CVE-2025-21751 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-39714 CVE-2025-39714 in rootio-linux - Patched by Root
Root has patched CVE-2025-39714 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68745 CVE-2025-68745 in rootio-linux - Patched by Root
Root has patched CVE-2025-68745 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-43213 CVE-2026-43213 in rootio-linux - Patched by Root
Root has patched CVE-2026-43213 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-43485 CVE-2026-43485 in rootio-linux - Patched by Root
Root has patched CVE-2026-43485 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23231 CVE-2026-23231 in rootio-linux - Patched by Root
Root has patched CVE-2026-23231 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-71163 CVE-2025-71163 in rootio-linux - Patched by Root
Root has patched CVE-2025-71163 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...