VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Denial of Service via crafted Portable Executable (PE) files. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787.
Denial of Service via crafted FSG file parsing. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787.
On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) published the following advisories: Cisco Security Advisory CVE-ID Security Impact Rating CVSS Base Score Cisco Catalyst Center Arbitrary File Read Vulnerability CVE-2026-20191 High 7.5 ClamAV Vulnerabilities Affecting Cisco Products: July 2026 CVE-2026-20216 CVE-2026-20213 CVE-2026-20214 CVE-2026-20215 CVE-2026-20217 CVE-2026-20243 CVE-2026-20244 High 7.5 To fully remediate the vulnerabilities that were disclosed on July 1, 2026, Cisco strongly recommends that customers upgrade to the fixed software that is indicated in the advisories. For more information about changes in Cisco PSIRT vulnerability disclosure, see Strengthening the Foundation: A Predictable, Customer-Focused Response to AI-Accelerated Vulnerability Discovery. <br/>Security Impact Rating: Informational
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files from a restricted container of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X <br/>Security Impact Rating: High <br/>CVE: CVE-2026-20191
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root. Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW <br/>Security Impact Rating: Critical <br/>CVE: CVE-2026-20230
Privilege escalation and code execution via race condition. Red Hat rates this important (CVSS 8.5). Weakness: CWE-367.
Privilege escalation to administrator-level access via usergroup role assignment manipulation. Red Hat rates this important (CVSS 8.8). Weakness: CWE-266. Red Hat lists fixing advisory RHSA-2026:34366 with package foreman-0:3.14.0.17-1.el9sat, foreman-0:3.18.0.7-1.el9sat, foreman-0:3.12.0.17-1.el9sat, foreman-0:3.12.0.17-1.el8sat. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 8.
Authentication bypass via predictable session IDs. Red Hat rates this important (CVSS 7.4). Weakness: CWE-331.
Host-root command execution via unvalidated image config labels in CRI plugin. Red Hat rates this important (CVSS 8.8). Weakness: CWE-78. Red Hat lists fixing advisory RHSA-2026:37252 with package rhacm2/submariner-rhel9-operator:1782933193, multicluster-engine/assisted-service-8-rhel8:1783332008, trivy-main-0.72.0-0.1.hum1, multicluster-engine/assisted-service-9-rhel9:1783350355.
fix UAF due to unlocked ->mnt_ns read in may_decode_fh(). Red Hat rates this moderate (CVSS 7). Weakness: CWE-364.
Mitigate TLBI errata on various Arm CPUs. Red Hat rates this moderate (CVSS 7). Weakness: CWE-1037.
clear i_sends on setup unwind. Red Hat rates this moderate (CVSS 7). Weakness: CWE-825.
File store write outside working directory via symlink traversal. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-22.
Cookie injection allows planting cookies for unrelated domains. Red Hat rates this moderate (CVSS 4). Weakness: CWE-346.
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the container runtime API unavailable and can disrupt clients such as the Docker Engine or Kubernetes control-plane components. This issue has been fixed in versions 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2.
Heap buffer overwrite via incorrect argument handling in JP2 encoder. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-787.
Denial of Service via invalid arguments to connected-components option. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-835.
Denial of Service via crafted image in MVG decoder. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-787.
Heap buffer overflow in MVG decoder allows out-of-bounds write. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-787.
Denial of Service via crafted 8BIM profile. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-825.