
20513 matches found

Positive Technologies
added 2026/05/21 12:0 a.m. | 11 views

PT-2026-42634

Summary: The OAuth token strategy attached oauth scope and oauth granted resources to the request user, but the ACL middleware never consulted either. An OAuth token issued with a restricted scope (e.g. MCP-only) therefore inherited the full permissions of the underlying user across all routes; the...

2 CVSS | 5.8 AI score
Exploits: 0 | References: 3

NVD
added 2026/05/20 8:16 p.m. | 15 views

CVE-2026-24218

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...

8.1 CVSS | 0.00586 EPSS
Exploits: 0 | References: 3

OSV
added 2026/05/20 7:7 p.m. | 10 views

GO-2026-4994 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf

free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/subId crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf...

6.5 CVSS | 5.8 AI score | 0.00268 EPSS
Exploits: 1 | References: 4

CVE
added 2026/05/20 5:43 p.m. | 86 views

CVE-2026-24218

CVE-2026-24218 affects NVIDIA DGX OS. The vulnerability arises during factory provisioning: cloning a base image deploys identical SSH host keys across multiple systems, enabling host impersonation or attacker-in-the-middle attacks. Consequences listed include potential code execution, data tampe...

8.1 CVSS | 5.8 AI score | 0.00586 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

ATTACKERKB
added 2026/05/20 5:43 p.m. | 11 views

CVE-2026-24218

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...

8.1 CVSS | 5.8 AI score | 0.00586 EPSS
Exploits: 0 | References: 4

Circl
added 2026/05/20 3:11 p.m. | 10 views

CVE-2026-48031

creationtimestamp | type | source
---|---|---
2026-05-20 15:11:45+00:00 | published-proof-of-concept | https://github.com/dhax/go-base/security/advisories/GHSA-mqq6-462x-jxmm...

5.8 AI score | 0.00055 EPSS
Exploits: 0 | References: 1

NVD
added 2026/05/20 12:16 p.m. | 30 views

CVE-2025-31973

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

9.8 CVSS | 0.00178 EPSS
Exploits: 0 | References: 1

EUVD
added 2026/05/20 11:25 a.m. | 11 views

EUVD-2025-209905

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

9.8 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/05/20 11:25 a.m. | 6 views

CVE-2025-31973

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/05/20 11:25 a.m. | 9 views

CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 1

CVE
added 2026/05/20 11:25 a.m. | 22 views

CVE-2025-31973

Technical details for CVE-2025-31973 are not publicly available in the provided documents. Monitor for updates.

9.8 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/05/20 11:25 a.m. | 48 views

CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4 CVSS | 0.00178 EPSS
Exploits: 0 | References: 1

OSV
added 2026/05/20 10:10 a.m. | 26 views

RHSA-2026:19180 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

Bulletin has no description...

8.8 CVSS | 7 AI score | 0.00867 EPSS
Exploits: 0 | References: 44

OSV
added 2026/05/20 10:9 a.m. | 14 views

RHSA-2026:19024 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

Bulletin has no description...

8.8 CVSS | 7 AI score | 0.00867 EPSS
Exploits: 0 | References: 44

AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference has been discovered in the id3v2readsynchuint function, located in id3v2.c. If id3v2readsynchuint is called with a null work-hdr.framedata, the pointer guint8 data is accessed without validatio...

7.5 CVSS | 6.8 AI score | 0.01074 EPSS
Exploits: 1 | References: 2

CNNVD
added 2026/05/20 12:0 a.m. | 16 views

HCL BigFix Service Management Security Vulnerability

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a security vulnerability, which stems from configuration issues. Using outdated or insecure base images may introduce known vulnerabilitie...

9.8 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/20 12:0 a.m. | 15 views

PT-2026-42219

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...

8.1 CVSS | 5.8 AI score | 0.00586 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2026/05/20 12:0 a.m. | 10 views

PT-2026-42138

Name of the Vulnerable Software and Affected Versions: 389-ds-base (affected versions not specified). Description: A flaw exists in the LDAP server where the get ldapmessage controls ext function fails to enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated...

7.5 CVSS | 5.8 AI score | 0.00815 EPSS
Exploits: 0 | References: 54

Redos
added 2026/05/20 12:0 a.m. | 8 views

ROS-20260520-73-0009

A vulnerability in the Base component of Google Chrome and Microsoft Edge browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

8.8 CVSS | 6 AI score | 0.00317 EPSS
Exploits: 0

Positive Technologies
added 2026/05/20 12:0 a.m. | 15 views

PT-2026-42144

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...

4 CVSS | 5.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 2