Buscar noticias

Ctrl/Cmd para multiselección
Total: 3298

It was discovered that Cyborg did not properly enforce project ownership in the Accelerator Request (ARQ) API. An authenticated user could possibly use this issue to delete ARQs bound to other projects' instances, resulting in a cross-tena…

Ubuntu CVE-2026-40214CVE-2026-40213 CVSS 7.4 2026-06-09 16:09 UTC · 2026-06-09 13:09 -03

It was discovered that Lodash was vulnerable to a prototype pollution issue in the zipObjectDeep function. An attacker could possibly use this issue to modify application behavior. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04…

Ubuntu CVE-2020-8203CVE-2020-28500CVE-2021-23337CVE-2025-13465CVE-2026-2950CVE-2026-4800 CVSS 7.4 2026-06-09 15:16 UTC · 2026-06-09 12:16 -03

USN-8398-1 fixed a vulnerability in nginx. The update introduced a regression causing nginx to crash when being used with external modules. This update reverts the fix for CVE-2026-49975 pending further investigation. We apologize for the…

Ubuntu CVE-2026-49975 CVSS 7.5 2026-06-09 13:48 UTC · 2026-06-09 10:48 -03

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decode…

Ubuntu 2026-06-09 09:23 UTC · 2026-06-09 06:23 -03

Akshat Sinha discovered that shell-quote improperly validated object-token inputs. An attacker could possibly use this issue to cause shell-quote to crash, resulting in a denial of service, or execute arbitrary code.

Ubuntu 2026-06-09 08:38 UTC · 2026-06-09 05:38 -03