Lucene search
K

785 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

RHEL 8 : rhc (RHSA-2026:15980)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:15980 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References8
NVD
NVD
added 2026/05/08 7:16 p.m.23 views

CVE-2026-29203

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...

8.8CVSS0.00493EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 6:51 p.m.5 views

CVE-2026-29203

A chmod call in the cPanel Nova plugin's Cpanel::Nova::Connector follows symlinks, allowing setting root permissions on arbitrary system files or directories. That can cause DoS or local privilege escalation when an authenticated cPanel user places a symlink at a user-controlled legacy Nova path...

8.8CVSS5.9AI score0.00493EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/05/08 6:51 p.m.19 views

CVE-2026-29203

CVE-2026-29203 affects the cPanel Nova plugin component Cpanel::Nova::Connector. A chmod call follows symlinks, enabling an authenticated cPanel user to set root permissions on arbitrary system files or directories by placing a symlink at a user-controlled legacy Nova path in their home directory...

8.8CVSS5.9AI score0.00493EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 12:3 p.m.17 views

RLSA-2026:14200 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282...

7.8CVSS5.8AI score0.00621EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.6 views

MiracleLinux 8 : grafana-pcp-5.1.1-14.el8_10 (AXSA:2026-569:07)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-569:07 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

RockyLinux 9 : git-lfs (RLSA-2026:14200)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:14200 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/06 9:10 p.m.21 views

Important: Red Hat Security Advisory: Red Hat build of Cryostat security update

An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS7.3AI score0.00621EPSS
Exploits0References5
OSV
OSV
added 2026/05/06 5:26 p.m.5 views

GHSA-XX64-WWV2-HCQQ astral-tokio-tar: `unpack_in` can chmod arbitrary directories by following symlinks

Impact In versions 0.6.0 and earlier of astral-tokio-tar, the unpackin API could inadvertently modify the permissions of external i.e. non-archive directories outside of the archive. An attacker could use this to contrite a tar archive that maliciously changes directory permissions outside of its...

6.9CVSS5.8AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/06 3:34 p.m.13 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/06 3:34 p.m.6 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
OSV
OSV
added 2026/05/06 12:5 p.m.13 views

RLSA-2026:10217 Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVE-2026-32283 crypto/x509:...

9CVSS5.9AI score0.00658EPSS
Exploits0References7
Rockylinux
Rockylinux
added 2026/05/06 12:5 p.m.15 views

grafana security update

An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor f...

7.5CVSS5.8AI score0.00621EPSS
Exploits0
OSV
OSV
added 2026/05/06 12:1 p.m.15 views

RLSA-2026:10219 Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVE-2026-32283 crypto/x509:...

9CVSS7.4AI score0.00658EPSS
Exploits0References7
OSV
OSV
added 2026/05/06 12:1 p.m.12 views

RLSA-2026:11704 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root...

7.8CVSS7.3AI score0.00621EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/05/06 12:1 p.m.16 views

grafana security update

An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

7.5CVSS5.8AI score0.00621EPSS
Exploits0
OSV
OSV
added 2026/05/06 12:0 p.m.16 views

RLSA-2026:10704 Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key upda...

9CVSS7.4AI score0.00658EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

RockyLinux 9 : grafana-pcp (RLSA-2026:11704)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:11704 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

7.5CVSS5.8AI score0.00621EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.15 views

RHEL 9 : grafana (RHSA-2026:11711)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11711 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang:...

7.5CVSS5.9AI score0.00621EPSS
Exploits0References6
OSV
OSV
added 2026/05/06 12:0 a.m.19 views

ALSA-2026:14200 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References8
Rows per page
Query Builder