Lucene search
K

3928 matches found

EUVD
EUVD
added 2026/06/03 12:30 a.m.12 views

EUVD-2026-34033

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-45907

Name of the Vulnerable Software and Affected Versions ABB T-MAC Plus version 4.0-24 Description A file disclosure issue exists in the ABB T-MAC Plus web application and the ABB T-MAC plus Server - Default IIS Web Site, where files or directories are accessible to external parties. Recommendations...

9.9CVSS5.4AI score0.00347EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-5422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within...

8.1CVSS6.7AI score0.00437EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:9 p.m.8 views

CVE-2026-8936

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/02 9:9 p.m.37 views

CVE-2026-8936 Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 9:9 p.m.11 views

CVE-2026-8936 Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 9:9 p.m.74 views

CVE-2026-8936

CVE-2026-8936 describes an unbounded recursion in the grpcfuse kernel module that can cause a VM panic in the Docker Desktop VM when a container creates deeply nested directories on a bind-mounted host folder, triggering a dentry invalidation event. The issue has been fixed in Docker Desktop 4.76...

8.2CVSS5.7AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 1:41 p.m.9 views

CVE-2026-42795 Symlink Following in Hex Package Export Allows Embedding Files Outside Project Root

Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers gleamfiles, nativefiles, privatefiles in compiler-cli/src/fs.rs use followlinkstrue when walking publishable directories...

5.1CVSS5.9AI score0.00132EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:41 p.m.10 views

CVE-2026-42795

Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers gleamfiles, nativefiles, privatefiles in compiler-cli/src/fs.rs use followlinkstrue when walking publishable directories...

5.1CVSS5.9AI score0.00132EPSS
Exploits0References5
NVD
NVD
added 2026/06/02 10:16 a.m.15 views

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS0.00437EPSS
Exploits1References1
OSV
OSV
added 2026/06/02 10:16 a.m.7 views

DEBIAN-CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS5.8AI score0.00437EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/02 9:11 a.m.10 views

CVE-2026-5422 Path Traversal in jupyter/jupyter

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

6.8CVSS6.7AI score0.00437EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 9:11 a.m.12 views

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

6.8CVSS6.7AI score0.00437EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

gleam 安全漏洞

Gleam is an open-source, type-safe, and extensible system building language developed by Gleam. Versions of Gleam from 0.18.0-rc1 to 1.17.0 contain security vulnerabilities. These vulnerabilities are caused by path traversal issues, which may allow arbitrary directories to be deleted through...

5.6CVSS5.4AI score0.00152EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Docker Desktop 安全漏洞

Docker Desktop is a desktop software from the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well ...

8.2CVSS5.3AI score0.00115EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45868

Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.76.0 Description A VM panic occurs due to unbounded recursion within the grpcfuse kernel module. This happens when a container creates deeply nested directories on a bind-mounted host folder and triggers a...

8.2CVSS5.8AI score0.00115EPSS
Exploits0References3
NVD
NVD
added 2026/06/01 5:17 p.m.18 views

CVE-2026-42679

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

6.5CVSS0.00295EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:16 p.m.18 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS0.00144EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 2:39 p.m.15 views

EUVD-2026-33650

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1...

9.6CVSS5.8AI score0.005EPSS
Exploits2References1
CVE
CVE
added 2026/06/01 12:0 a.m.24 views

CVE-2026-38950

CVE-2026-38950 affects ESA AnomalyMatch prior to 1.3.1. The issue arises from loading model files from session directories with torch.load(), enabling unrestricted deserialization and arbitrary code execution. Affected component: model checkpoint loading in AnomalyMatch. Impact: potential full co...

7.8CVSS6.2AI score0.00144EPSS
Exploits0References3
Rows per page
Query Builder