25 matches found
CVE-2026-49823
creationtimestamp| type| source ---|---|--- 2026-06-10 19:19:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxgkin2lm2i 2026-06-11 09:04:32+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnyumzfwqu27...
CVE-2026-49823 Fission: Cross-namespace Package read via unvalidated PackageRef in Function admission webhook
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a Fission Function spec carries three reference types — Secret, ConfigMap, and Package. The first two were namespace-validated by...
CVE-2022-49823
creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
EUVD-2025-49823
Malicious code in mereswordtailz3n npm...
CVE-2025-49823
conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...
CVE-2025-49823
creationtimestamp| type| source ---|---|--- 2025-06-17 02:38:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18558...
CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)
conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...
CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)
conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...
CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)
conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...
CVE-2025-49823
Conda Constructor prior to 3.11.3 is affected. The vulnerability arises in shell installer scripts that process the installation prefix (user_prefix) using an eval statement, causing unsanitized user input to be executed as shell code. This can allow command injection via a malicious installation...
SUSE CVE-2022-49823
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is calle...
CVE-2022-49823
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is calle...
CVE-2022-49823
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is calle...
CVE-2022-49823
In CVE-2022-49823, the Linux kernel’s ata_tdev_add() in libata-transport is vulnerable because it does not verify the return value of transport_add_device(). If transport_add_device() fails, the subsequent removal path calls transport_remove_device() and device_del() on a device that may not have...
CVE-2022-49823
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, it causes null-ptr-deref while removing the module, because transportremovedevice is calle...
CVE-2024-49823
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-49823
creationtimestamp| type| source ---|---|--- 2025-03-11 01:41:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7079 2025-03-11 04:41:14+00:00| seen| Telegram/SxSx8U--99185zCwggK3tweLBYZnm8XDZAJUgwUx4w2mMsU...
CVE-2024-49823
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-49823 IBM Common Cryptographic Architecture denial of service
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-49823 IBM Common Cryptographic Architecture denial of service
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...