VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1720 advisories across 32 monitored vendors.
OpenSSH sshd: Security bypass due to incorrect handling of forwarding and tunneling options. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-358. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1.
Undocumented GSSAPIStrictAcceptorCheck behavior impacts security in Windows Active Directory. Red Hat rates this moderate (CVSS 4.8). Weakness: CWE-909. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1.
SFTP security bypass due to command-line argument parsing flaw. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-88. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1.
`scp` file misplacement vulnerability during remote copy. Red Hat rates this moderate (CVSS 4.6). Weakness: CWE-22.
sftp client allows attacker to control downloaded file location. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-22. Red Hat lists fixing advisory RHSA-2026:37382 with package openssh-main-10.4p1-1.hum1.
Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into potentially reallocated memory. A flaw was found in the X.org X11 server, specifically within the GLX (OpenGL Extension to the X Window System) dispatch layer. A remote attacker can exploit this vulnerability by sending a series of crafted X11 requests. This can lead to a use-after-free condition, where the server attempts to write data to memory that has already been released. The primary consequence of this memory corruption is a denial of service, potentially causing the X server to crash. An Important use-after-free vulnerability in the X.org X11 server's GLX dispatch layer allows a remote, unauthenticated attacker to trigger a denial of service. This is considered Important due to the remote attack vector and the potential for unauthenticated denial of service. Red Hat severity: Important — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-825. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8. Red Hat fixing advisory: RHSA-2026:38489, RHSA-2026:38490.
Unauthenticated access to AI guardrails and orchestrator APIs. Red Hat rates this moderate (CVSS 6.3).
Gorch port bypass when auth IS enabled. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-306.
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure Affected product named by the advisory: GitLab.
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure A flaw was found in Wireshark. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted BLF file, leading to the disclosure of sensitive information. Red Hat severity: Low — CVSS 2.5 (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). Weakness: CWE-237. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper authorization on certain GraphQL operations.
GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper authorization controls.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from the content available for download, due to improper handling of Git reference name resolution.
Auditor-level users can modify compliance records via improper authorization in GraphQL. Red Hat rates this low (CVSS 2.7). Weakness: CWE-639.
Magick.NET-Q16-HDRI-x64: Magick.NET-Q16-HDRI-x86: Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-OpenMP-x86: Magick.NET-Q16-arm64: Magick.NET-Q16-x64: Magick.NET-Q16-x86: Magick.NET-Q8-AnyCPU: Magick.NET-Q8-OpenMP-arm64: Magick.NET-Q8-OpenMP-x64: Magick.NET-Q8-arm64: Magick.NET-Q8-x64: Magick.NET-Q8-x86: ImageMagick: Information disclosure via heap-buffer-overflow read. Red Hat rates this low (CVSS 3.3). Weakness: CWE-125.
Denial of Service and Information Disclosure via heap buffer overflow in FTXT encoder. Red Hat rates this low (CVSS 3.3). Weakness: CWE-125.
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation could lead to a denial of service, making the system unavailable, or potentially allow for arbitrary code execution, giving the attacker control over the affected system. Conditions for Exploitation: Successful exploitation requires user interaction or a specific application workflow. Impact Limitations: Although the heap overflow has the potential to allow for arbitrary code execution, achieving this reliably is typically complex and highly dependent on the memory layout and protections of the specific application utilizing the library. In most common scenarios, the malformed archive will simply cause the parsing application to crash, resulting in a localized Denial of Service (DoS) rather than a full system compromise. Red Hat severity: Low — CVSS 3.9 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L). Affected Red Hat products: Red Hat Hardened Images; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4.
Non-constant-time comparison in PBKDF2-SHA256 password verification. Red Hat rates this low (CVSS 3.7). Weakness: CWE-208.
A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossing the Airflow security boundary that DAG-author code must never execute in those processes. Users are advised to upgrade to `apache-airflow` 3.3.0 or later. As a defense-in-depth mitigation, deployments where DAG-author trust is limited can restrict the `[core] allowed_deserialization_classes` config to a narrow allowlist.
Heap overflow when preparsing SQL statements with excessive placeholders. Red Hat rates this important (CVSS 8.1). Weakness: CWE-131.