103 matches found
CVE-2026-50566 Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation / dangerous-capability...
EUVD-2026-10694
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...
Dell Update Package Framework 安全漏洞
Dell Update Package Framework is a framework developed by the American company Dell for updating system components. This product primarily provides installation programs for drivers, applications, BIOS, and firmware. Versions of the Dell Update Package Framework from 23.12.00 to 24.12.00 containe...
One RNG to Rule Them All: How Randomness Becomes an Attack Vector in Machine Learning
Machine learning relies on randomness as a fundamental component in various steps such as data sampling, data augmentation, weight initialization, and optimization. Most machine learning frameworks use pseudorandom number generators as the source of randomness. However, variations in design choic...
Moderate: Red Hat Security Advisory: Automotive bug fix and enhancement update
An update for gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server is now available for Red Hat In-Vehicle-OS version 1.0.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...
EUVD-2018-0587
Malware in sbrugna...
EUVD-2018-0493
Malware in sbrugna...
EUVD-2017-1174
Malware in sbrugna...
EUVD-2017-1962
Malware in sbrugna...
EUVD-2022-5337
Malicious code in bioql PyPI...
EUVD-2023-27876
Malicious code in bioql PyPI...
EUVD-2023-2462
Malicious code in bioql PyPI...
EUVD-2025-20182
Malicious code in bioql PyPI...
EUVD-2022-44145
Malicious code in bioql PyPI...
EUVD-2024-2898
Malicious code in bioql PyPI...
EUVD-2023-2513
Malicious code in bioql PyPI...
CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder
Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in...
CVE-2025-49006
Wasp Web Application Specification is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation affecting only Keycloak with a specific config. Wasp currently lowercases OAuth user IDs before...
ALSA-2025:8816 Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...
CVE-2024-55970
File Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aka I644734...