Lucene search
K

14928 matches found

GithubExploit
GithubExploit
added 2026/05/08 2:17 a.m.153 views

Dirty-Frag-Kubernetes-PoC

Dirty Frag CVE-2026-43284 — Kubernetes Container Escape PoC...

6.2AI score0.93235EPSS
Exploits31
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.14 views

Magnitude Simba Amazon Redshift JDBC Driver 安全漏洞

The Magnitude Simba Amazon Redshift JDBC Driver is a JDBC driver provided by the American company Magnitude. It enables database connection through the standard JDBC Application Programming Interface API available in the Java Platform Enterprise Edition. Versions of the Magnitude Simba Amazon...

9.2CVSS6.1AI score0.00573EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 5:3 p.m.9 views

CLSA-2026-1778163112 Update of cups

Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/07 4:48 p.m.3 views

GHSA-GR3R-CRP5-QRRM Compromised tag of intercom-php published via GitHub

Impact On April 30, 2026, a malicious commit was pushed to the intercom/intercom-php repository and tagged as version 5.0.2, using a compromised service account github-management-service. This occurred as part of the same supply chain attack that affected intercom-client on npm. The malicious...

9.3CVSS5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/07 3:11 p.m.5 views

CLSA-2026-1778166697 Update of cups

Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/07 3:11 p.m.7 views

CLSA-2026-1778166693 Update of cups

Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...

5.8AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 1:22 a.m.10 views

Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure

Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volum...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 12:6 a.m.15 views

Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications

Impact Applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did not verify the signature of incoming SNS messages. An unauthenticated attacker who knows the endpoint URL could...

6.3CVSS6AI score0.00179EPSS
Exploits0References5Affected Software1
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.11 views

GHSA-FPJQ-C37H-CQCV vulnerabilities

Vulnerabilities for packages: kyverno, kyverno-notation-aws, kyverno-fips, kyverno-notation-aws-fips...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.28 views

CVE-2026-41506 vulnerabilities

Vulnerabilities for packages: argo-events, zot, guac, argo-workflows-fips, google-osconfig-agent, pulumi-language-dotnet, kaniko, goreleaser, trivy-operator, trivy-fips, kyverno-fips, commercial-chainloop-cli, syft-fips, zarf, gitaly-fips, mapotf, skaffold-fips, external-secrets-operator-fips,...

7.4CVSS5.8AI score0.00259EPSS
Exploits0
OSV
OSV
added 2026/05/06 12:0 a.m.7 views

OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media

These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.01163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-38516

These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.01163EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/05 6:21 p.m.12 views

FireFighter has unauthenticated SSRF in its Raid jira_bot endpoint that allows IAM credential theft

Impact The POST /api/v2/firefighter/raid/jirabot endpoint CreateJiraBotView is reachable without authentication permissionclasses = permissions.AllowAny. Its attachments payload is fetched server-side via httpx.get with no URL validation, then uploaded as an attachment on the Jira ticket that get...

9.9CVSS6AI score0.00272EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/05 12:30 a.m.24 views

EUVD-2026-27149

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.14 views

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1664)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1664 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using oghttp as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To...

7.5CVSS7AI score0.00495EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.17 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-116 (ALASKERNEL-5.10-2026-116)

The version of kernel installed on the remote host is prior to 5.10.252-250.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-116 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to...

7.8CVSS7.4AI score0.96775EPSS
Exploits228References12
Amazon
Amazon
added 2026/05/05 12:0 a.m.13 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

7.8CVSS6.8AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.12 views

Important: kernel-livepatch-6.18.15-14.217

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.16 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

7.8CVSS7AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.15 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Rows per page
Query Builder