22 matches found
OESA-2026-2358 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.CVE-2026-40226...
OESA-2026-2279 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.CVE-2026-40226...
SUSE CVE-2026-40226
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...
EUVD-2026-21400
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...
CVE-2026-40226
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...
CVE-2026-40226
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...
CVE-2026-40226
The CVE affects systemd-nspawn: versions 233–259 (before 260) are vulnerable. A crafted optional config file can trigger an escape-to-host action. Root cause is not detailed beyond this vector in the provided docs. Remediation implied by the reference is upgrading to systemd 260 or later to mitig...
CVE-2026-40226
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file...
EUVD-2025-34448
An issue in the Configure New Cluster interface of kafka-ui v0.6.0 to v0.7.2 allows attackers to cause a Denial of Service DoS via uploading a crafted configuration file...
CLSA-2025-1753376162 graphviz: Fix of CVE-2023-46045
CVE-2023-46045: fix out-of-bounds read via crafted config6a file...
Medium: graphviz
Issue Overview: buffer overflow via a crafted config6a file NOTE: Crosses no security boundary, config files are under local control NOTE: https://gitlab.com/graphviz/graphviz/-/issues/2441 NOTE: Introduced by: https://gitlab.com/graphviz/graphviz/-/commit/cf95714837f06f684929b54659523c2c9b1fc19f...
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root.
...
AZL-34237 CVE-2023-46045 affecting package graphviz for versions less than 2.42.4-10
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root...
AZL-34768 CVE-2023-46045 affecting package graphviz for versions less than 2.42.4-12
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root...
DEBIAN-CVE-2023-46045
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root...
CVE-2023-46045
Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root...
PT-2024-1448 · Unknown · Rapid Scada
Name of the Vulnerable Software and Affected Versions: Rapid SCADA versions prior to Version 5.8.4 Description: The issue is related to a Zip Slip vulnerability in the unpacking routine, allowing an attacker to supply a malicious configuration file and achieve remote code execution. This can be...
CVE-2022-22986
Netcommunity OG410X and OG810X series Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file...
CVE-2022-22986
Netcommunity OG410X and OG810X series Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file...
PT-2022-15756
Name of the Vulnerable Software and Affected Versions Netcommunity OG410X and OG810X series versions 2.28 and earlier Description The issue allows an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file. Recommendations For Netcommunity OG410X an...