VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1726 advisories across 32 monitored vendors.
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When content is served or proxied through a location block with both source_charset utf-8; and a charset directive (for example, charset koi8-r;) configured, remote, unauthenticated attackers can send requests (in conjunction with conditions beyond their control) to cause a heap buffer over-read in the NGINX worker process, leading to limited disclosure of memory or a restart. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When content is served or proxied through a location block with both source_charset utf-8; and a charset directive (for example, charset koi8-r;) configured, remote, unauthenticated attackers can send requests (in conjunction with conditions beyond their control) to cause a heap buffer over-read in the NGINX worker process, leading to limited disclosure of memory or a restart. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. A flaw was found in NGINX. Remote, unauthenticated attackers can exploit a vulnerability in the `ngx_http_charset_module` when specific charset configurations are present. This can lead to a heap buffer over-read, potentially causing limited disclosure of memory or a denial of service by restarting the NGINX worker process. Red Hat severity: Moderate — CVSS 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L). Weakness: CWE-125. Fixed by RHSA-2026:27197 — update the affected packages (`sudo dnf update`). Affected Red Hat products: Red Hat Hardened Images.
Multiple NetApp products incorporate OpenSSL. OpenSSL version 4.0 is susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). Affected products: NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0 and 3.6 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Affected products: NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, 3.4 and 3.0 (AES-SIV mode only) are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. Affected products: Active IQ Unified Manager for Linux, Active IQ Unified Manager for VMware vSphere, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, 3.4, and 3.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). Affected products: Active IQ Unified Manager for Linux, Active IQ Unified Manager for VMware vSphere, Management Services for Element Software and NetApp HCI, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, and 3.4 is/are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: Active IQ Unified Manager for VMware vSphere, Management Services for Element Software and NetApp HCI, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate OpenSSL. OpenSSL versions 4.0, 3.6, 3.5, 3.4, 3.0, 1.1.1, and 1.0.2 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). Affected products: Active IQ Unified Manager for Linux, Active IQ Unified Manager for VMware vSphere, NetApp Console Agent Container (adc), NetApp Console Agent Container (cbs-backend), NetApp HCI Baseboard Management Controller (BMC) - H610S, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12. Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Red Hat severity: Moderate — CVSS 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Weakness: CWE-131. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 10.0 Extended Update Support; Red Hat Enterprise Linux 7 Extended Lifecycle Support; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.8 Telecommunications Update Service; Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.6 Extended Update Support; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Red Hat severity: Moderate — CVSS 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). Weakness: CWE-787. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 10.0 Extended Update Support; Red Hat Enterprise Linux 7 Extended Lifecycle Support; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On; Red Hat Enterprise Linux 8.8 Telecommunications Update Service; Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.6 Extended Update Support; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
Mitigation bypass in the DOM: Security component. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-807. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Memory safety bug fixed in Thunderbird ESR 140.12. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-787. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Information disclosure, sandbox escape in the Security: Process Sandboxing component. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-403. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Information disclosure, sandbox escape in the Security: Process Sandboxing component. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-243. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Memory safety bug fixed in Thunderbird ESR 140.12. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-825. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Memory safety bug fixed in Thunderbird ESR 140.12. Red Hat rates this moderate (CVSS 6.1). Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Same-origin policy bypass in the Networking: Cookies component. Red Hat rates this moderate (CVSS 6.1). Weakness: CWE-346. Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
Mitigation bypass in the DOM: Security component. Red Hat rates this moderate (CVSS 6.1). Affected package(s): firefox, thunderbird. Resolved in Red Hat advisory RHSA-2026:29940 — update the affected packages (`sudo dnf update`).
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least write access. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ <br/>Security Impact Rating: Medium <br/>CVE: CVE-2026-20262
Information Disclosure due to Out-of-Bounds Read. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-125. Affected package(s): perl-socket-main. Resolved in Red Hat advisory RHSA-2026:11342 — update the affected packages (`sudo dnf update`).