VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Information disclosure via incorrect Digest authentication header reuse. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-201. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Certificate validation bypass due to incorrect connection reuse. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-295. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Use-after-free vulnerability leading to Denial of Service. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-825.
In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources. This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2. This vulnerability does not affect devices that do not support the Access Portal feature or standalone Fireboxes not deployed in a FireCluster.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-1071. This issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Apache Tomcat versions 11.0.0-M1 through 11.0.22, 10.1.0-M1 through 10.1.55, 9.0.0.M1 through 9.0.118, 8.5.0 through 8.5.100, 7.0.0 through 7.0.109 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Erlang OTP ssh: Denial of Service via infinite loop in SFTP channel. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-835.
Erlang OTP ssh: Information disclosure via SFTP REALPATH handler. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-204. Red Hat lists fixing advisory RHSA-2026:35998 with package erlang27-main-27.3.4.14-1.hum1.
DPoP verifier accepts malformed proof with private key material. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-358.
Server-Side Request Forgery allows unauthorized internal network access. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-918.
Request smuggling via re-parsing of Content-Length header. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-444. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
use chan timer to close channels in cleanup_listen(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-413.
Cookie injection allows planting cookies for unrelated domains. Red Hat rates this moderate (CVSS 4). Weakness: CWE-346.
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service (DoS) condition. When creating a container from this image, memory exhaustion occurs, leading to an Out Of Memory (OOM) kill of the containerd process. This renders the container runtime API unavailable and can disrupt clients such as the Docker Engine or Kubernetes control-plane components. This issue has been fixed in versions 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2.
Heap buffer overwrite via incorrect argument handling in JP2 encoder. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-787.
Denial of Service via invalid arguments to connected-components option. Red Hat rates this moderate (CVSS 4.7). Weakness: CWE-835.