Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4210 matches found

Positive Technologies
Positive Technologiesadded 2026/01/01 12:0 a.m.3 views

PT-2026-27732

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the radiotap parser. Specifically, the parser does not properly handle radiotap data containing undefined fields, leading to the potential for an...

5.5CVSS5.9AI score0.00031EPSS
Exploits0References24
Positive Technologies
Positive Technologiesadded 2026/01/01 12:0 a.m.9 views

PT-2026-8197

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.18-rc1 and later Description The CephFS kernel client contains a flaw in the ceph mds auth match function where a NULL pointer dereference can occur if fs name is NULL. This issue arises during authorization checks with...

9.8CVSS6.8AI score0.00083EPSS
Exploits5References398
SUSE CVE
SUSE CVEadded 2025/12/31 12:28 a.m.3 views

SUSE CVE-2023-54200

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always release netdev hooks from notifier This reverts "netfilter: nftables: skip netdev events generated on netns removal". The problem is that when a veth device is released, the veth release callback will...

6.3CVSS6.5AI score0.00028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/12/31 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-54200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: always release netdev hooks from notifier This reverts netfilter: nftables: skip netdev events generated on netns removal. The problem is...

5.8AI score0.00028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992897 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann...

7CVSS6.2AI score0.00009EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2025/12/30 9:30 p.m.5 views

Temporal has a namespace policy bypass allowing requests to be authorized for incorrect contexts

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

5.3CVSS6.9AI score0.00024EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blogadded 2025/12/30 9:30 p.m.9 views

Temporal has an Incorrect Authorization vulnerability

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS7.3AI score0.00024EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2025/12/30 9:30 p.m.2 views

EUVD-2025-205855

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS6.7AI score0.00024EPSS
Exploits0References4
OSV
OSVadded 2025/12/30 9:30 p.m.2 views

GHSA-HMHP-GH8M-C8XP Temporal has an Incorrect Authorization vulnerability

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS7.2AI score0.00024EPSS
Exploits0References6
OSV
OSVadded 2025/12/30 9:30 p.m.0 views

GHSA-P2GR-HM8G-Q772 Temporal has a namespace policy bypass allowing requests to be authorized for incorrect contexts

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

5.3CVSS6.8AI score0.00024EPSS
Exploits0References6
EUVD
EUVDadded 2025/12/30 9:30 p.m.2 views

EUVD-2025-205854

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

5.3CVSS6.3AI score0.00024EPSS
Exploits0References4
OSV
OSVadded 2025/12/30 9:15 p.m.3 views

CVE-2025-14987

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS7.2AI score
Exploits0References3
NVD
NVDadded 2025/12/30 9:15 p.m.2 views

CVE-2025-14987

When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...

5.3CVSS0.00024EPSS
Exploits0References3
NVD
NVDadded 2025/12/30 9:15 p.m.1 views

CVE-2025-14986

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

5.3CVSS0.00024EPSS
Exploits0References3
OSV
OSVadded 2025/12/30 9:15 p.m.4 views

CVE-2025-14986

When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...

5.3CVSS6.8AI score
Exploits0References3
Snyk
Snykadded 2025/12/30 8:44 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the system.enableCrossNamespaceCommands when it is enabled on by default. An attacker can perform unauthorized actions in a different namespace by submitting workflow task commands that target namespaces othe...

6.3CVSS7AI score0.00024EPSS
Exploits0References2
Snyk
Snykadded 2025/12/30 8:44 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the system.enableCrossNamespaceCommands when it is enabled on by default. An attacker can perform unauthorized actions in a different namespace by submitting workflow task commands that target namespaces othe...

6.3CVSS7AI score0.00024EPSS
Exploits0References2
Snyk
Snykadded 2025/12/30 8:44 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the system.enableCrossNamespaceCommands when it is enabled on by default. An attacker can perform unauthorized actions in a different namespace by submitting workflow task commands that target namespaces othe...

6.3CVSS7AI score0.00024EPSS
Exploits0References2
Snyk
Snykadded 2025/12/30 8:44 p.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the system.enableCrossNamespaceCommands when it is enabled on by default. An attacker can perform unauthorized actions in a different namespace by submitting workflow task commands that target namespaces othe...

6.3CVSS7AI score0.00024EPSS
Exploits0References2
Snyk
Snykadded 2025/12/30 8:41 p.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when the frontend.enableExecuteMultiOperation is enabled. An attacker can circumvent namespace-specific validation and feature gates by setting the embedded StartWorkflowExecutionRequest's namespace field to a...

5.3CVSS6.8AI score0.00024EPSS
Exploits0References2
Rows per page
Query Builder