Lucene search
K

30 matches found

Vulnrichment
Vulnrichment
added 2026/06/04 4:18 p.m.11 views

CVE-2026-50266

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...

2.2CVSS5.8AI score0.00262EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/04/22 12:0 a.m.12 views

bind security update

9.18.33-10.0.2.el101.3 - Hard require needed openssl-libs Orabug: 38742109 - Fix warning when changing device file permissions Orabug: 36518580 32:9.18.33-10.3 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 32:9.18.33-10.2 - Fix upstream reported regressio...

7.5CVSS7.5AI score0.1096EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Oracle Linux 10 : bind (ELSA-2026-8312)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8312 advisory. - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 - Fix upstream reported regression in recent CVE fix CVE-2025-8677 -...

8.6CVSS6.8AI score0.1096EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/02/20 9:2 p.m.13 views

OpenClaw Discord moderation authorization used untrusted sender identity in tool-driven flows

Overview Discord moderation action handling timeout, kick, ban used sender identity from request parameters in tool-driven flows, instead of trusted runtime sender context. Impact In setups where Discord moderation actions are enabled and the bot has the necessary guild permissions, a non-admin...

4.3CVSS5.5AI score0.0019EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/16 12:0 a.m.3 views

Fedora 42 : bind9-next (2025-d9f9394ecd)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d9f9394ecd advisory. Update to 9.21.14 rhbz2394406 Security Fixes: - DNSSEC validation fails if matching but invalid DNSKEY is found. CVE-2025-8677 - Address various...

8.6CVSS6.7AI score0.1096EPSS
Exploits1References4
Slackware Linux
Slackware Linux
added 2025/10/22 8:27 p.m.11 views

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.41-i586-1slack15.0.txz: Upgraded. This update fixes security issues: DNSSEC validation fails if matching but invalid DNSKEY is...

8.6CVSS6.9AI score0.1096EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8960

Malware in sbrugna...

4.3CVSS6.4AI score0.00785EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/18 11:27 a.m.19 views

CVE-2025-38512

In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...

9.1CVSS7.2AI score0.03537EPSS
Exploits2References4
NVD
NVD
added 2025/08/16 11:15 a.m.12 views

CVE-2025-38512

In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...

7.8CVSS0.00147EPSS
Exploits0References6
OSV
OSV
added 2025/08/16 11:15 a.m.2 views

DEBIAN-CVE-2025-38512

In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...

7.8CVSS6.2AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2025/08/16 10:54 a.m.9 views

CVE-2025-38512 wifi: prevent A-MSDU attacks in mesh networks

In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this...

7.8CVSS6.4AI score0.00147EPSS
Exploits0References9
OSV
OSV
added 2025/07/07 12:47 p.m.10 views

CLSA-2025-1751892444 krb5: Fix of CVE-2025-3576

CVE-2025-3576: possible spoofing of GSSAPI-protected messages using RC4-HMAC-MD5...

5.9CVSS7.2AI score0.00276EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 6 : openstack-neutron (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-neutron: MAC source address spoofing vulnerability CVE-2016-5363 - The IPTables firewall in...

8.5AI score0.03411EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.3 views

SUSE CVE-2016-5362

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message...

8.2CVSS7.9AI score0.03411EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/14 2:19 a.m.11 views

OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message...

8.2CVSS6.7AI score0.03411EPSS
Exploits0References11Affected Software1
Huntr
Huntr
added 2022/04/20 3:30 p.m.14 views

no spoofing protection on email domain (No Valid SPF Records.)

What Is SPF/TXT Records? An SPF record is a type of Domain Name Service DNS record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Checking...

7AI score
Exploits0References2
Securelist
Securelist
added 2021/06/03 10:0 a.m.212 views

Email spoofing: how attackers impersonate legitimate senders

Introduction In a nutshell, email spoofing is the creation of fake emails that seem legitimate. This article analyzes the spoofing of email addresses through changing the From header, which provides information about the senders name and address. SMTP Simple Mail Transfer Protocol, the main email...

6.5AI score
Exploits0
Virtuozzo
Virtuozzo
added 2021/04/19 12:0 a.m.21 views

Virtuozzo Hybrid Infrastructure 4.5 Update 1 Hotfix 2 (4.5.1-34)

This update provides fixes for the admin and self-service panels. Vulnerability id: VSTOR-42074 Unable to add a network interface to an existing VM in the self-service panel. Vulnerability id: VSTOR-42954 Added a message about disabling security groups for a VM network interface. Vulnerability id...

1.7AI score
Exploits0
OSV
OSV
added 2020/03/25 10:15 p.m.3 views

CVE-2020-6808

When a JavaScript URL javascript: is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL as reported by the document.location property, for example was the originating javascript: URL which could lead to...

6.5CVSS7AI score0.01039EPSS
Exploits0References2
OSV
OSV
added 2018/10/24 11:5 a.m.8 views

SUSE-SU-2018:3386-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

9.8CVSS8.2AI score0.29037EPSS
Exploits5References6
Rows per page
Query Builder