Lucene search
K

16 matches found

OSV
OSV
added 2026/06/25 3:31 p.m.2 views

OPENSUSE-RU-2026:21160-1 Recommended update for dnscrypt-proxy

This update for dnscrypt-proxy fixes the following issues: Changes in dnscrypt-proxy: - Update to version 2.1.16 The "tlsciphersuite" option is now a no-op. Modern TLS stacks no longer expose cipher suite selection in a meaningful way, and the option had become misleading A log size of 0 no longe...

9.1CVSS6.6AI score0.01557EPSS
Exploits1References8
NVD
NVD
added 2026/06/24 5:17 a.m.8 views

CVE-2026-12851

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.01684EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:40 a.m.7 views

EUVD-2026-38653

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS5.9AI score0.01684EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 3:40 a.m.32 views

CVE-2026-12851 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.01684EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 2:46 p.m.5 views

OPENSUSE-SU-2026:20942-1 Security update for apptainer

This update for apptainer fixes the following issues: Changes in apptainer: - Update apptainer to version v1.5.1 Security fix bsc1267982: Fix for CVE-2026-48785 / GHSA-cr2j-534f-mf3g. Incorrect path matching for limit container paths directive. This is only applicable to SUID installations that...

5.4AI score
Exploits0References2
NVD
NVD
added 2026/05/19 6:16 p.m.17 views

CVE-2026-47107

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

8.6CVSS0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/19 4:42 p.m.18 views

EUVD-2026-30958

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

9.6CVSS6AI score0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/05 3:31 a.m.2 views

EUVD-2026-9517

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

7.1CVSS5.9AI score0.00106EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : dhcp-4.1.1-34.P1.AXS4 (AXSA:2013-133:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-133:01 advisory. DHCP Dynamic Host Configuration Protocol is a protocol which allows individual devices on an IP network to get their own network configuration information IP...

7.1CVSS6.4AI score0.21653EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 4 : glibc-2.12-1.80.AXS4.3 (AXSA:2012-754:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-754:05 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

6.8CVSS7AI score0.03163EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2023-4527)

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.6AI score0.01508EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.3 views

SUSE CVE-2021-43816

containerd is an open source container runtime. On installations using SELinux, such as EL8 CentOS, RHEL, Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface CRI, an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

9.1CVSS7.1AI score0.0169EPSS
Exploits1References3
OSV
OSV
added 2018/06/12 6:29 p.m.4 views

CVE-2018-12257

An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in...

4.4CVSS5.8AI score0.0035EPSS
Exploits1References1
OSV
OSV
added 2017/04/13 2:59 p.m.1 views

DEBIAN-CVE-2016-10118

Firejail allows local users to truncate /etc/resolv.conf via a chroot command to /...

3.3CVSS6.7AI score0.00325EPSS
Exploits0References1
OSV
OSV
added 2008/12/08 11:30 p.m.2 views

DEBIAN-CVE-2008-5367

ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on the /tmp/resolv.conf.tmp temporary file...

6.9CVSS6.6AI score0.004EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/03/03 3:33 p.m.4 views

security flaw

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of...

4.6CVSS5.8AI score0.0036EPSS
Exploits0References4
Rows per page
Query Builder