Lucene search
K

4647 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 4:50 p.m.8 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

8.8CVSS5.8AI score0.00237EPSS
Exploits1References6
CVE
CVE
added 2026/06/19 2:16 p.m.12 views

CVE-2019-25747

Network Inventory Advisor 5.0.26.0 is affected by an unquoted binary path in the niaservice service, enabling local privilege escalation. An attacker could place a malicious executable in an intermediate directory and trigger code execution with LocalSystem privileges when the service starts or r...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 2:16 p.m.28 views

CVE-2019-25747 Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

8.5CVSS0.0012EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 2:16 p.m.6 views

CVE-2019-25747

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/19 2:16 p.m.10 views

EUVD-2019-20183

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/19 2:16 p.m.5 views

CVE-2019-25747 Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/16 9:28 a.m.14 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-host-inventory-frontend-rhel9 container image

A new satellite/iop-host-inventory-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running...

10CVSS6.8AI score0.00978EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

FreeBSD : Gitlab -- vulnerabilities (ac9bab80-6618-11f1-8e04-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ac9bab80-6618-11f1-8e04-2cf05da270f3 advisory. Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE...

8.7CVSS5.9AI score0.0037EPSS
Exploits0References14
FreeBSD
FreeBSD
added 2026/06/11 12:0 a.m.10 views

Gitlab -- vulnerabilities

Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Denial of Service issue in Grape API JSON parsing middleware impacts GitLab CE/EE HTML injection issue in certain group setting fields...

8.7CVSS5.4AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.11 views

CVE-2026-41116

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...

6.3CVSS5.4AI score0.00085EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 3:16 p.m.14 views

CVE-2026-53471

A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens JWTs for authentication, but its UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the sourceid claim within these tokens against the requested source ID. This oversight allows an...

9.6CVSS0.00286EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 1:55 p.m.21 views

CVE-2026-53471

CVE-2026-53471 affects the migration-planner project, specifically the agent-api middleware. The UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the source_id claim in JWTs against the requested source ID. Root cause: missing validation allows an authenticated attacker with ...

9.6CVSS5.5AI score0.00286EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/10 1:55 p.m.43 views

CVE-2026-53471 Migration-planner: agent api ignores jwt source_id claim

A flaw was found in migration-planner. The agent-API middleware processes JSON Web Tokens JWTs for authentication, but its UpdateSourceInventory and UpdateAgentStatus handlers fail to validate the sourceid claim within these tokens against the requested source ID. This oversight allows an...

9.6CVSS0.00286EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

Migration assessment 安全漏洞

Migration assessment is an open-source tool developed by KubeV2V for evaluating and providing migration recommendations for VMware environments. There is a security vulnerability in Migration assessment. This vulnerability stems from the agent-API middleware, which, when processing JWT tokens,...

9.6CVSS5.3AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 6:16 p.m.14 views

CVE-2026-41116

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...

6.3CVSS0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:31 p.m.35 views

CVE-2026-41116

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...

6.3CVSS0.00085EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:31 p.m.8 views

CVE-2026-41116

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...

6.3CVSS5.4AI score0.00085EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:31 p.m.12 views

EUVD-2026-35766

Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write...

6.3CVSS5.4AI score0.00085EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:31 p.m.29 views

CVE-2026-41116

Dell Inventory Collector Client, versions prior to 13.8.0, contains an Improper Link Resolution Before File Access ("Link Following") vulnerability. A low-privileged attacker with local access could exploit this to achieve Arbitrary File Write. The available documents identify the affected produc...

6.3CVSS5.4AI score0.00085EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.11 views

CVE-2026-11520

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...

5.1CVSS3.9AI score0.00248EPSS
Exploits0References1
Rows per page
Query Builder