3762 matches found
CVE-2026-45361 Apache Airflow Google provider: SSH host key verification disabled in ComputeEngineSSHHook (paramiko AutoAddPolicy default)
Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...
CVE-2026-45361
Apache Airflow providers-google's ComputeEngineSSHHook disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Apache Airflow 安全漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform with the creation, management and monitoring of workflow functions. The platform is characterized by scalability and dynamic monitoring. Apache Airflow suffers from a security vulnerability that stems from...
PT-2026-43023
Name of the Vulnerable Software and Affected Versions apache-airflow-providers-google versions prior to 22.0.0 Description The ComputeEngineSSHHook disables SSH host-key verification by default. This configuration exposes SSH traffic between an Airflow worker and a Compute Engine VM to in-path...
CVE-2026-26147
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
EUVD-2026-31516
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
CVE-2026-26147
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
Unlocking Apple's Private Cloud Compute: An Analysis of Privacy-Preserving Artificial Intelligence
Many existing Artificial Intelligence AI solutions on mobile devices rely on an extensive collection of sensitive data, raising privacy concerns and often requiring storage for both context and model improvement. Apple's Private Cloud Compute PCC aims to address this by emphasizing mobile device...
PT-2026-42840
Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description Improper input validation allows an authorized attacker to disclose information over a network. Recommendations At the moment, there is no information about a newer version that...
Linux Distros Unpatched Vulnerability : CVE-2026-44348
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in computehashtosign in...
Azure Stack HCI Information Disclosure Vulnerability
Improper input validation in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
Malicious code in tensor-compute (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a3d1b50077a6311a43061891fa560d2c180fbdbd12ab4965e0d265910e6ef68 [email protected] presents itself as a Rust-backed tensor library but is a dropper. setup.py registers a custom buildext command src/buildext.py...
MAL-2026-4223 Malicious code in tensor-compute (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a3d1b50077a6311a43061891fa560d2c180fbdbd12ab4965e0d265910e6ef68 [email protected] presents itself as a Rust-backed tensor library but is a dropper. setup.py registers a custom buildext command src/buildext.py...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed the validation of region HPA ordering. Some regions may not have any address space allocated. Skip these regions when validating HPA order; otherwise, a crash similar to the following may occur: devmcxladdregion...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/pmem: Fixed leaks in cxlpmemregion and cxlmemdev. When a cxlnvdimm object undergoes an -remove operation where the device is physically removed, nvdimmbridge is disabled, or the nvdimm device is disabled, any associated...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed double-release of the compute pasid. If kfdprocessdeviceinitvm returns an error after the vm is converted to a compute vm and vm-pasid is set to compute pasid, KFD will not take the pdd-drmfile reference. As a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: Fixed a heap buffer overflow in ioam6fillTraceData. In the receive path, ioam6fillTraceData uses trace-nodelen to determine how much data to write for each node. It relies on this field directly from the incoming...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: A divide error occurred in ndlabeldatainit. If a faulty CXL memory device returns a incorrect zero LSA size in its memory device information Identified Memory Device Opcode 4000h, CXL Specification 3.1,...
Linux Distros Unpatched Vulnerability : CVE-2026-34159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor'...