Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Nova vulnerability (USN-8049-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8049-1 advisory. Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use th...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/18 12:0 a.m.7 views

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

8.2CVSS5.5AI score0.00341EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/10/28 12:15 p.m.6 views

CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

0.00202EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-30215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11....

9.6CVSS7.5AI score0.00529EPSS
Exploits0References3
OSV
OSV
added 2025/04/18 7:17 p.m.8 views

BIT-NATS-2025-30215 NATS-Server Fails to Authorize Certain Jetstream Admin APIs

NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this is partially expose...

9.6CVSS9AI score0.00529EPSS
Exploits0References4
OSV
OSV
added 2025/04/16 12:15 a.m.6 views

AZL-60406 CVE-2025-30215 affecting package telegraf for versions less than 1.31.0-9

NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this is partially expose...

9.6CVSS7.1AI score0.00529EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/15 11:25 p.m.11 views

CVE-2025-30215 NATS-Server Fails to Authorize Certain Jetstream Admin APIs

NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this is partially expose...

9.6CVSS6.7AI score0.00529EPSS
Exploits0References2
Rows per page
Query Builder