Lucene search
K

7520 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libxml2

The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in NTP

In ntp 4.2.8p10, 4.2.8p11, 4.2.8p12, and 4.2.8p13, remote attackers can prevent a broadcast client from synchronizing its clock with a broadcast NTP server through soofed modes 3 and 5. The attacker must either be part of the same broadcast network or control a slave device in that broadcast...

5.3CVSS6.5AI score0.03079EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU-built-in VNC server during the processing of ClientCutText messages. A incorrect exit condition may lead to an infinite loop when inflating a zlib buffer controlled by an attacker in the inflatebuffer function. This could allow a remotely authenticated client, wh...

6.5CVSS6.8AI score0.01405EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 6:31 a.m.3 views

GHSA-XG3J-C7Q4-F9PH Canonical MicroCeph: path traversal issue in the remote-import AP

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS5.9AI score0.00208EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/19 6:31 a.m.5 views

Canonical MicroCeph: path traversal issue in the remote-import AP

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS5.9AI score0.00208EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/19 6:17 a.m.12 views

CVE-2026-10720

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS0.00208EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 4:57 a.m.24 views

CVE-2026-10720

CVE-2026-10720 affects Canonical MicroCeph versions on squid and tentacle tracks. A path traversal in the remote-import API allows holders of a trusted cluster mTLS certificate or a join token to manipulate files inside the imported remote cluster confined at /var/snap/microceph, potentially caus...

5CVSS5.9AI score0.00208EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 4:57 a.m.29 views

CVE-2026-10720 MicroCeph path traversal issue in the remote-import API

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS0.00208EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:57 a.m.6 views

CVE-2026-10720

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS5.9AI score0.00208EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/19 4:57 a.m.9 views

EUVD-2026-37990

Canonical MicroCeph versions from the squid and tentacle track are vulnerable to a path traversal issue in the remote-import API. Holders of a trusted cluster mTLS certificate such as enrolled cluster members or join token can manipulate files in an imported remote cluster within the...

5CVSS5.9AI score0.00208EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50835

Name of the Vulnerable Software and Affected Versions Canonical MicroCeph versions from the squid and tentacle track Description A path traversal issue exists in the remote-import API. Users possessing a join token or a trusted cluster mTLS certificate, such as enrolled cluster members, can...

5CVSS5.9AI score0.00208EPSS
Exploits0References13
NVD
NVD
added 2026/06/18 8:16 p.m.14 views

CVE-2026-48983

pamusb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in per-device and per-user pad directory creation. pamusb uses a check-then-act pattern: it calls lstat to test for existence and then calls mkdir separate...

5.8CVSS0.00084EPSS
Exploits0References2
Redos
Redos
added 2026/06/17 12:0 a.m.7 views

ROS-20260617-73-0047

The vulnerability in ImageMagick 7 is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.5AI score0.00327EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.6 views

ROS-20260617-73-0048

The vulnerability in ImageMagick is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.5AI score0.00327EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.7 views

ROS-20260617-73-0027

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...

9.8CVSS5.8AI score0.00272EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.6 views

ROS-20260617-73-0028

The vulnerability of the msl.c component in the console-based image editing tool ImageMagick is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data or cause service interruptions...

9.8CVSS5.8AI score0.00272EPSS
Exploits0
EUVD
EUVD
added 2026/06/16 3:42 p.m.6 views

EUVD-2025-210170

An attacker with network-level access between the SUSE Virtualization and Rancher Manager in SUSE Harvester before 1.8.0 could interfere with the TLS handshake and abuse it to bypass TLS as a security control...

8.6CVSS5.2AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 3:16 p.m.11 views

CVE-2026-10831

A denial-of-service vulnerability exists in NPort devices because of improper access control on the command port. The command interface does not properly validate whether a sender is associated with a valid data port session before accepting break signal commands. A remote attacker with network...

6.9CVSS0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 1:46 p.m.8 views

CVE-2026-10831

CVE-2026-10831 concerns MOXA NPort serial device servers. The issue is improper access control on the command port: the command interface does not properly verify that the sender is tied to a valid data-port session before accepting break signal commands. A remote attacker with network access can...

6.9CVSS5.4AI score0.00292EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 8:51 a.m.6 views

EUVD-2026-37043

A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated attacker can send a specially crafted request that causes service disruption and may result in an unexpected device reboot...

7.1CVSS5.3AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder