2478 matches found

Nuclei
added yesterday | 1662 views

Gitea 1.1.0 - 1.12.5 - Remote Code Execution

Gitea 1.1.0 through 1.12.5 is susceptible to authenticated remote code execution, via the git hook functionality, in customer environments where the documentation is not understood e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the...

CVSS 7.2 | AI score 7.8 | EPSS 0.93691
Exploits 12 | References 5
Wolfi
added 2 days ago | 3 views

GHSA-6CV4-3H2G-632H vulnerabilities

Vulnerabilities for packages: firefox...

AI score 5.8
Exploits 0
Wolfi
added 2 days ago | 3 views

GHSA-V4QX-H7R5-6QC8 vulnerabilities

Vulnerabilities for packages: firefox...

AI score 5.8
Exploits 0
Wolfi
added 2 days ago | 2 views

GHSA-V9F3-9MFG-CC55 vulnerabilities

Vulnerabilities for packages: chromium...

AI score 5.8
Exploits 0
Debian CVE
added 4 days ago | 5 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

CVSS 6.2 | AI score 5.8 | EPSS 0.0012
Exploits 0
Fedora
added 4 days ago | 4 views

[SECURITY] Fedora 44 Update: prometheus-podman-exporter-1.21.1-1.fc44

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

CVSS 7.5 | AI score 6.7 | EPSS 0.00651
Exploits 1
Positive Technologies
added 6 days ago | 9 views

PT-2026-53221

Name of the Vulnerable Software and Affected Versions: Delta Electronics DTM Soft (affected versions not specified). Description: The software is susceptible to the deserialization of untrusted data, which can allow an attacker to execute arbitrary code. Real-world exploitation has been observed where...

CVSS 8.4 | AI score 6 | EPSS 0.00388
Exploits 0 | References 2
Tenable Nessus
added 2026/06/26 12:0 a.m. | 4 views

FreeBSD : Gitlab -- Vulnerabilities (ee1e7aef-7117-11f1-873f-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ee1e7aef-7117-11f1-873f-2cf05da270f3 advisory. Gitlab reports: Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Cross-site...

CVSS 8.7 | AI score 5.7 | EPSS 0.00328
Exploits 0 | References 15
NVD
added 2026/06/25 5:16 a.m. | 14 views

CVE-2026-0934

GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configuratio...

CVSS 3.8 | EPSS 0.00201
Exploits 0 | References 3
Cvelist
added 2026/06/25 4:35 a.m. | 31 views

CVE-2026-0934 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with custom role permissions to view, create, or delete protected environment configuratio...

CVSS 3.8 | EPSS 0.00201
Exploits 0 | References 3
CVE
added 2026/06/25 4:35 a.m. | 90 views

CVE-2026-0934

GitLab Enterprise Edition (GitLab EE) has remediated a privilege‑escalation issue affecting all releases prior to fixed patches: 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1. An authenticated user with custom role permissions could view, create, or delete protected environment ...

CVSS 3.8 | AI score 5.9 | EPSS 0.00201
Exploits 0 | References 3 | Affected Software 1
Tenable Nessus
added 2026/06/25 12:0 a.m. | 9 views

GitLab 17.9 < 18.11.6 / 19.0 < 19.0.3 / 19.1 < 19.1.1 (CVE-2026-0934)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 17.9 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticate...

CVSS 3.8 | AI score 5.9 | EPSS 0.00201
Exploits 0 | References 5
Positive Technologies
added 2026/06/25 12:0 a.m. | 11 views

PT-2026-52554

Name of the Vulnerable Software and Affected Versions: Podman versions 1.8.1 through 5.8.4. Description: A malicious container image can trick Podman into leaking host environment variables into the container. This occurs when an image contains an Env entry consisting of a key without a value...

CVSS 7.5 | AI score 5.8 | EPSS 0.0026
Exploits 0 | References 7
Positive Technologies
added 2026/06/25 12:0 a.m. | 7 views

PT-2026-52194

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 17.9 through 18.11.5; GitLab EE versions 19.0 through 19.0.2; GitLab EE versions 19.1 through 19.1.0. Description: An incorrect authorization issue exists where an authenticated user with custom role permissions can view, create...

CVSS 3.8 | AI score 5.8 | EPSS 0.00201
Exploits 0 | References 9
Debian CVE
added 2026/06/24 4:30 p.m. | 5 views

CVE-2026-53113

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

AI score 5.7 | EPSS 0.00159
Exploits 0
CVE
added 2026/06/24 1:37 p.m. | 70 views

CVE-2026-12537

Summary (CVE-2026-12537): The vulnerability affects Google Gemini CLI container launcher (versions prior to 0.39.1) and the run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms. It stems from improper neutralization in an OS command, enabling an unprivileged attacker ...

CVSS 10 | AI score 6.3 | EPSS 0.00314
Exploits 0 | References 1 | Affected Software 2
OSV
added 2026/06/24 5:17 a.m. | 4 views

UBUNTU-CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

CVSS 6.5 | AI score 5.9 | EPSS 0.00106
Exploits 0 | References 6
Positive Technologies
added 2026/06/24 12:0 a.m. | 9 views

PT-2026-51663

Name of the Vulnerable Software and Affected Versions: libslirp versions prior to v4.9.2. Description: An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...

CVSS 6.5 | AI score 5.8 | EPSS 0.00106
Exploits 0 | References 9
EUVD
added 2026/06/20 4:43 p.m. | 11 views

EUVD-2026-38128

Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commitsha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...

CVSS 9.9 | AI score 8.2 | EPSS 0.00874
Exploits 3 | References 1
AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Linux, Linux 5.15

A flaw was discovered in cifs-utils. When attempting to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may result in the disclosure of sensitive data from the host’s Kerberos...

CVSS 5.9 | AI score 7.3 | EPSS 0.00149
Exploits 0 | References 2