53 matches found
Astra Linux - уязвимость в djvulibre
A issue was discovered in IW44Image.cpp within djvulibre 3.5.28, which allows attackers to cause a denial of service through division by zero...
CVE-2026-33343 affecting package etcd for versions less than 3.5.28-1
CVE-2026-33343 affecting package etcd for versions less than 3.5.28-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-33413 affecting package etcd for versions less than 3.5.28-1
CVE-2026-33413 affecting package etcd for versions less than 3.5.28-1. An upgraded version of the package is available that resolves this issue...
BIT-ETCD-2026-33413 etcd: Authorization bypasses in multiple APIs
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...
CVE-2026-33413
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...
UBUNTU-CVE-2026-33343
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...
CVE-2026-33413 etcd: Authorization bypasses in multiple APIs
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted...
CVE-2026-33343
The connected advisory for CVE-2026-33343 relates to etcd: Nested etcd transactions can bypass RBAC authorization checks when an authenticated user with restricted key-range permissions uses nested transactions. This allows such a user to bypass key-range restrictions and potentially access the e...
CVE-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with...
etcd 安全漏洞
Etcd is an open-source system developed in Go language, used as a key-value storage system for distributed systems. There are security vulnerabilities in versions prior to 3.4.42, 3.5.28, and 3.6.9 of etcd. These vulnerabilities stem from nested transactions that can bypass key range authorizatio...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in multiple functions in the gRPC API layer, including MemberList and Compact. An attacker can gain unauthorized access to sensitive cluster operations and information, such as viewing cluster topology, disrupting...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in multiple functions in the gRPC API layer, including MemberList and Compact. An attacker can gain unauthorized access to sensitive cluster operations and information, such as viewing cluster topology, disrupting...
GHSA-RFX7-8W68-Q57Q etcd: Nested etcd transactions bypass RBAC authorization checks
Impact What kind of vulnerability is it? Who is impacted? An authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with direct access to etcd to effectively ignore all key range...
EUVD-2021-26932
Malware in sbrugna...
EUVD-2021-33001
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-46312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero. CVE-2021-46312 Note that...
WordPress MasterStudy LMS plugin <= 3.5.28 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin MasterStudy LMS versions = 3.5.28...
OESA-2023-1641 djvulibre security update
DjVu is a set of compression technologies, a file format, and a software platform for the deliveryover the Web of digital documents, scanned documents, and high resolution images.DjVu documents download and display extremely quickly, and look exactly the same on all platforms with no compatibilit...
SUSE CVE-2021-46310
An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero...
SUSE CVE-2021-46312
An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero...