Lucene search
K

10462 matches found

Oracle linux
Oracle linux
added 2026/03/18 12:0 a.m.9 views

grub2 security update

2.06-114.0.1.el97.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it Orabug: 37693946 - net/dns: Fix removal of DNS server Orabug:...

7.8CVSS5.8AI score0.00872EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.3 views

RHEL 9 : grub2 (RHSA-2026:4823)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4823 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

7.8CVSS5.9AI score0.0019EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 6:30 p.m.5 views

EUVD-2026-12604

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/17 6:20 p.m.3 views

grub2: Missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References5
NVD
NVD
added 2026/03/17 6:16 p.m.5 views

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS0.00332EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/17 6:12 p.m.5 views

grub2: Missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References5
CVE
CVE
added 2026/03/17 5:19 p.m.25 views

CVE-2026-32293

The affected device is the GL-iNet Comet (GL-RM1) KVM. During boot, it connects to a GL-iNet site to provision client and CA certificates, but it does not verify the certificates used for this connection. This enables a network attacker to perform a man-in-the-middle attack to serve invalid clien...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 5:19 p.m.3 views

CVE-2026-32293 GL-iNet Comet (GL-RM1) KVM insufficient certificate validation

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/17 5:19 p.m.22 views

CVE-2026-32293 GL-iNet Comet (GL-RM1) KVM insufficient certificate validation

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS0.00332EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/17 5:19 p.m.3 views

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References4
CVE
CVE
added 2026/03/17 1:52 p.m.22 views

CVE-2026-4324

The vulnerability CVE-2026-4324 affects the Katello plugin for Red Hat Satellite. It arises from improper sanitization in the sort_by parameter of the /api/hosts/bootc_images endpoint, enabling remote SQL injection that can cause Denial of Service via database errors and potentially extract data ...

5.4CVSS6AI score0.00262EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.14 views

PT-2026-25915

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References6
Spring Security Advisories
Spring Security Advisories
added 2026/03/17 12:0 a.m.6 views

This Week in Spring - March 17th, 2026

Hi, Spring fans! Welcome to another rip-roaring installment of This Week in Spring , which I'm posting ahead of my keynote at the amazing JavaOne 2026 event here in sunny San Francisco, California! I love Piotr's latest post on using local AI models with LM Studio and Spring AI Did you see the ne...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.10 views

PT-2026-25899

Name of the Vulnerable Software and Affected Versions Red Hat Satellite Katello Plugin affected versions not specified Description A flaw exists in the Katello plugin for Red Hat Satellite due to improper sanitization of user-provided input. This allows a remote attacker to inject arbitrary SQL...

5.4CVSS7.3AI score0.00262EPSS
Exploits0References15
vulnersOsv
vulnersOsv
added 2026/03/17 12:0 a.m.11 views

ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +168 more potentially affected by CVE-2026-22729 via org.springframework.ai:spring-ai-vector-store (>=1.1.0-M1 <=1.1.2)

org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-22729 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15679673...

8.6CVSS5.4AI score0.00521EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/03/17 12:0 a.m.9 views

kernel security update

5.14.0-611.41.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

7.8CVSS6.3AI score0.00173EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/03/17 12:0 a.m.11 views

grub2 security update

2.02-170.0.1.el810.1 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it Orabug: 37693946 - net/dns: Fix removal of DNS server Orabug:...

7.8CVSS5.8AI score0.01588EPSS
Exploits1
Oracle linux
Oracle linux
added 2026/03/17 12:0 a.m.12 views

kernel security update

6.12.0-124.45.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

5.8AI score0.00182EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/03/17 12:0 a.m.6 views

grub2 security update

2.12-29.0.1.el101.2 - efinet: Close and reopen card on failure Orabug: 37808688 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it...

7.8CVSS5.8AI score0.00872EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/16 7:41 p.m.14 views

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References2
Rows per page
Query Builder