Lucene search
K

4827 matches found

NVD
NVD
added 2026/06/26 8:17 p.m.10 views

CVE-2026-52780

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to Remote Code Execution RCE. This vulnerability is fixed in 17.3.3 and 17.4.1...

9.6CVSS0.00233EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:9 p.m.29 views

CVE-2026-52780 OpenProject: Cache store poisoning leads to Remote Code Execution (RCE)

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to Remote Code Execution RCE. This vulnerability is fixed in 17.3.3 and 17.4.1...

9.6CVSS0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:9 p.m.8 views

CVE-2026-52780

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to Remote Code Execution RCE. This vulnerability is fixed in 17.3.3 and 17.4.1...

9.6CVSS5.9AI score0.00233EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52911

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.3 OpenProject versions prior to 17.4.1 Description Cache store poisoning allows for Remote Code Execution RCE, a process where an attacker executes arbitrary code on a remote machine. Recommendations Update t...

9.6CVSS6.2AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

Ubuntu 25.10 / 26.04 LTS : containerd-stable vulnerabilities (USN-8473-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8473-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : containerd vulnerabilities (USN-8472-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8472-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibl...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
Debian
Debian
added 2026/06/25 7:22 p.m.7 views

[SECURITY] [DSA 6369-1] pdns-recursor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

7.5CVSS5.8AI score0.00479EPSS
Exploits0
OSV
OSV
added 2026/06/25 1:18 p.m.5 views

USN-8472-1 containerd-app vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.9CVSS6.4AI score0.00781EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2026/06/25 1:18 p.m.9 views

USN-8472-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.9CVSS6.4AI score0.00781EPSS
Exploits0
NVD
NVD
added 2026/06/25 1:16 p.m.12 views

CVE-2026-33612

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS0.00119EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 1:14 p.m.10 views

USN-8473-1 containerd-stable vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.9CVSS6.4AI score0.00781EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 12:58 p.m.6 views

EUVD-2026-39352

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS5.8AI score0.00119EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 12:58 p.m.4 views

CVE-2026-33612

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS5.8AI score0.00119EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 12:58 p.m.33 views

CVE-2026-33612 ZoneToCache can poison the cache

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS0.00119EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 12:58 p.m.14 views

CVE-2026-33612

CVE-2026-33612 describes a cache-poisoning vulnerability in a ZoneToCache flow: a malicious authoritative server can craft a zone that is cached, compromising integrity of cached data. The CVSS3.1 metrics indicate Network access, high attack complexity, no privileges required, no user interaction...

7.5CVSS5.8AI score0.00119EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 7:17 p.m.9 views

CVE-2026-53943

Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticated user could send an x-ghost-preview header that altered the rendered frontend response. In affecte...

9.6CVSS0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 6:13 p.m.28 views

CVE-2026-53943 Ghost: Cache-poisoning XSS in Ghost frontend via x-ghost-preview header

Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticated user could send an x-ghost-preview header that altered the rendered frontend response. In affecte...

9.6CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:13 p.m.42 views

CVE-2026-53943

The CVE-2026-53943 entry describes a Ghost CMS vulnerability where, on sites behind a shared caching layer, an unauthenticated user can send an x-ghost-preview header that poisons cached responses, altering rendered frontend output. In affected configurations, this cached, request-specific previe...

9.6CVSS5.9AI score0.00244EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in unbound

A vulnerability in caching resolvers called “Rebirthday Attack” has been discovered in resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., with the option --enable-subnet, and when configured to send ECS information along with queries to...

8.7CVSS6.5AI score0.00188EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Containerd 2.1.x < 2.1.9 / 2.2.x < 2.2.5 / 2.3.x < 2.3.2 Multiple Vulnerabilities

The version of Containerd on the remote host is 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.5, or 2.3.x prior to 2.3.2. It is, therefore, affected by multiple vulnerabilities: - containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references...

9.9CVSS6.1AI score0.00412EPSS
Exploits0References6
Rows per page
Query Builder