Tagged: Cybersecurity Alert

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows...

The Emailchef plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the page_options_ajax_disconnect() function in all versions up to, and including, 3.5.1. This makes it possible...

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. More information :...

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. More information :...

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches. More information : https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur...

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. More information :...

A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service. More information : https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default. More information : https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

The Gallagher Website Design plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s login_link shortcode in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping...

The Gutentools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Slider block’s block_id attribute in all versions up to, and including, 1.1.3. This is due to insufficient input sanitization and...

A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file....

A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable...

A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing...