Lucene search
K

619 matches found

NVD
NVD
added 2026/04/08 9:16 p.m.6 views

CVE-2026-39429

kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.30.3 and 0.29.3, the cache server is directly exposed by the root shard and has no authentication or authorization in place. This allows anyone who can access the root shard...

9.1CVSS0.00436EPSS
Exploits1References3
CVE
CVE
added 2026/04/08 8:16 p.m.14 views

CVE-2026-39429

The CVE-2026-39429 issue in kcp affects the root shard’s cache server, which before versions 0.30.3 and 0.29.3 was exposed with no authentication/authorization. The cache server could be read from and written to by anyone who can reach the root shard, enabling unauthorized access to cached resour...

9.1CVSS5.9AI score0.00436EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

kcp 安全漏洞

KCP is an open-source control plane similar to Kubernetes, used for Kubernetes and containers. Versions of KCP prior to 0.30.3 and 0.29.3 have security vulnerabilities. These vulnerabilities stem from the direct exposure of cache servers, along with the lack of authentication and authorization,...

9.1CVSS5.8AI score0.00436EPSS
Exploits1References4
NVD
NVD
added 2026/04/07 3:17 p.m.5 views

CVE-2026-5382

An issue that could expose records outside of the authorized organization scope through the MCP endpoints has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N 3.0 Low. This issue was fixed in...

3CVSS0.00174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/06 12:0 a.m.6 views

Juniper Junos OS Vulnerability (JSA100055)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100055 advisory. - A Protection Mechanism Failure vulnerability in kernel filter processing of Juniper Networks Junos OS allows an attacker sending IPv6 traffic destined to the device to...

6.9CVSS6AI score0.00318EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/28 12:24 a.m.7 views

SUSE CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/27 11:24 p.m.3 views

Deadlock

Overview Affected versions of this package are vulnerable to Deadlock via the SCTP notification handler process. An attacker can cause the control plane to become unresponsive by sending specially crafted SCTP notifications to the N2 interface, resulting in service disruption for all subscribers...

7.1CVSS5.9AI score0.00165EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/27 11:24 p.m.2 views

Deadlock

Overview Affected versions of this package are vulnerable to Deadlock via the SCTP notification handler process. An attacker can cause the control plane to become unresponsive by sending specially crafted SCTP notifications to the N2 interface, resulting in service disruption for all subscribers...

7.1CVSS5.9AI score0.00165EPSS
Exploits0References2
NVD
NVD
added 2026/03/27 9:17 p.m.10 views

CVE-2026-33904

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS0.00165EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/27 8:55 p.m.7 views

CVE-2026-33904 Ella Core has a Denial of Service via SCTP connection cleanup deadlock

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 8:55 p.m.3 views

CVE-2026-33904

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/27 8:55 p.m.16 views

CVE-2026-33904

Ella Core is a 5G private-network core. In versions prior to 1.7.0, a deadlock in the AMF SCTP notification handler causes the entire AMF control plane to hang, enabling a denial of service when an attacker with access to the N2 interface sends crafted SCTP notifications. Version 1.7.0 adds defer...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/27 5:12 p.m.5 views

EUVD-2026-16464

Incus vulnerable to denial of source through crafted bucket backup file...

6.5CVSS5.9AI score0.00385EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-33743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access t...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 11:26 p.m.4 views

CVE-2026-33743

A flaw was found in Incus, a system container and virtual machine manager. A user with access to Incus' storage bucket feature can exploit this vulnerability by using a specially crafted storage bucket backup. This can cause the Incus daemon to crash, leading to a denial of service of the control...

6.5CVSS5.7AI score0.00385EPSS
Exploits1References4
NVD
NVD
added 2026/03/26 11:16 p.m.7 views

CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS0.00385EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 11:16 p.m.7 views

UBUNTU-CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/03/26 10:40 p.m.9 views

CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS5.8AI score0.00385EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/26 10:40 p.m.22 views

CVE-2026-33743 Incus vulnerable to denial of source through crafted bucket backup file

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS0.00385EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/26 10:40 p.m.3 views

CVE-2026-33743

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a...

6.5CVSS5.3AI score0.00385EPSS
Exploits1
Rows per page
Query Builder