Lucene search
K

5576 matches found

Debian
Debian
added 2026/06/25 7:21 p.m.6 views

[SECURITY] [DSA 6367-1] dnsdist security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

5.3CVSS5.8AI score0.00479EPSS
Exploits0
CVE
CVE
added 2026/06/25 5:43 p.m.35 views

CVE-2026-54091

CVE-2026-54091 : File Browser public shares allow information disclosure due to incorrect access control when rebasing the owner’s filesystem root for public share paths. Before 2.63.6, the public share handler sets d.user.Fs to a BasePathFs rooted at the shared directory and then checks access w...

7.5CVSS5.9AI score0.00471EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 7:16 a.m.3 views

ALPINE-CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

7.5CVSS5.8AI score0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52212

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where a secondary requesting a transfer does not need to provide a client certificate when the request is made over TLS via the regular tls-port...

8.2CVSS5.7AI score0.00139EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38843

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

5.7AI score0.00138EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:28 p.m.8 views

CVE-2026-52975

The CVE concerns the Linux kernel bonding 3ad module. A data-race was found in bond_3ad_get_active_agg_info / bond_3ad_state_machine_handler due to insufficient Read-Copy-Update (RCU) handling for port->aggregator. The fix adds the __rcu qualifier to port->aggregator and uses proper RCU API...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/24 3:19 p.m.5 views

CVE-2026-44393

A flaw was found in OpenStack oslo.messaging. The RabbitMQ driver does not properly verify the hostname of the message broker when establishing a TLS Transport Layer Security connection. An attacker capable of intercepting control-plane network traffic can exploit this vulnerability to impersonat...

7.4CVSS5.8AI score0.0016EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 8:16 a.m.2 views

UBUNTU-CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtpolicy: fix strict mode inbound policy matching matchpolicyin walks secpath entries from the last transform to the first one, but strict policy matching needs to consume info-pol in the same forward order as the rule...

8.3CVSS5.6AI score0.00299EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/24 7:25 a.m.6 views

CVE-2026-48491

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. This vulnerability allows an unauthenticated client to bypass mutual Transport Layer Security TLS enforcement, a security measure that verifies both client and server identities. The bypass occurs due to an issue in Traefik's...

10CVSS5.8AI score0.00245EPSS
Exploits1References5
CVE
CVE
added 2026/06/24 7:14 a.m.10 views

CVE-2026-52920

The CVE-2026-52920 involves the Linux kernel netfilter xt_policy module, where strict inbound policy matching previously consumed info->pol[] in an incorrect order when multiple transforms were applied. Root cause: match_policy_in() iterates sec_path entries from last to first, violating the f...

8.3CVSS5.7AI score0.00299EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51869

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the bonding 3ad implementation due to improper Read-Copy-Update RCU rules for the port-aggregator variable. This issue was identified in the bond 3ad get active agg...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7
NVD
NVD
added 2026/06/23 8:16 p.m.6 views

CVE-2026-53622

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

10CVSS0.0024EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 5:15 p.m.33 views

CVE-2026-49860 Deno: WebSocket API sandbox bypass via missing post-DNS check

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially...

5.2CVSS0.00101EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 5:14 p.m.15 views

CVE-2026-49859

CVE-2026-49859 affects Deno before version 2.8.1. The bug occurs in fetch() where Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that the hostname resolves to, allowing an attacker-controlled domain that passes the hostname check to resolve to...

5.2CVSS5.8AI score0.00101EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/23 2:37 p.m.5 views

BIT-APISIX-2026-44046 Apache APISIX: wolf-rbac plugin Identity Spoofing

Use of Less Trusted Source vulnerability in Apache APISIX. Attacker can take advantage of wolf-rbac plugin under default configuration to potentially pollute logs with spoofed identity information and exploit IP based access control rules. This issue affects Apache APISIX: from 1.2.0 through...

5.8CVSS5.8AI score0.00314EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 9:40 a.m.2 views

OPENSUSE-SU-2026:21143-1 Security update for gleam

This update for gleam fixes the following issues: Changes in gleam: - Update to 1.17.0: Fixed security vulnerabilities: - Restrict custom documentation page path and source values so gleam docs build cannot escape the docs output directory or project root bsc1267396, CVE-2026-32685 - Restrict...

5.6CVSS5.8AI score0.00152EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/20 12:28 a.m.8 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

7.8CVSS5.8AI score0.00259EPSS
Exploits9References6
OSV
OSV
added 2026/06/19 9:16 p.m.6 views

GHSA-PR33-38XX-6R26 http4k: BasicCookieStorage` (renamed `InsecureCookieStorage`) did not enforce RFC 6265 cookie scoping; new `DefaultCookieStorage` is now the default

Impact The previous BasicCookieStorage did not enforce RFC 6265 scoping rules around cookie domain, path, and Secure attribute. A client using a single storage instance to talk to multiple origins could have cookies leak across domains, or have Secure cookies sent over plain HTTP — the deprecatio...

6.9CVSS5.9AI score
Exploits0References5
CVE
CVE
added 2026/06/19 8:23 p.m.57 views

CVE-2026-48794

CVE-2026-48794 affects Authelia (versions 4.36.0–4.39.19). A domain canonicalization edge case can cause an access control rule to be skipped when it should match a request, under very specific conditions involving forwarded authorization, multi-segment subdomains (e.g., a.b.example.com vs exampl...

2.3CVSS5.8AI score0.00283EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 p.m.11 views

CVE-2026-48089

DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from a different organization with no membership or role in the affected org/project — can create,...

7.1CVSS0.00235EPSS
Exploits0References2
Rows per page
Query Builder