Lucene search
+L

470 matches found

osv
osv
added 2026/07/09 12:50 p.m.4 views

OESA-2026-2907 cockpit security update

Cockpit makes GNU/Linux discoverable. See Linux server in a web browser and perform system tasks with a mouse. It’s easy to start containers, administer storage, configure networks, and inspect logs with this package. Security Fixes: A flaw was found in Cockpit. Deleting a sosreport with a crafte...

8CVSS7.1AI score0.01181EPSS
Exploits0References3
osv
osv
added 2026/07/02 7:7 a.m.3 views

OPENSUSE-SU-2026:21208-1 Security update for cockpit

This update for cockpit fixes the following issue - CVE-2026-4802: remote command execution via unsanitized user-controlled parameters within crafted links in system logs UI bsc1265040...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/06/05 10:28 p.m.71 views

Exploit for CVE-2024-34070

CVE-2024-34070 Froxlor PoC Python proof of concept for CVE-20...

9.6CVSS7.7AI score0.00963EPSS
Exploits2
redhatcve
redhatcve
added 2026/06/05 7:20 p.m.10 views

CVE-2026-50205

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS5.5AI score0.00238EPSS
Exploits0References1
mageia
mageia
added 2026/06/05 5:37 p.m.20 views

Updated cockpit packages fix security vulnerabilities

CVE-2026-4631, Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects...

9.8CVSS7AI score0.142EPSS
Exploits4References27
osv
osv
added 2026/06/05 5:37 p.m.21 views

MGASA-2026-0175 Updated cockpit packages fix security vulnerabilities

CVE-2026-4631, Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects...

9.8CVSS6.8AI score0.142EPSS
Exploits4References28
rocky
rocky
added 2026/06/04 12:4 p.m.11 views

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. I...

8CVSS7.2AI score0.01016EPSS
Exploits0
osv
osv
added 2026/06/04 12:4 p.m.16 views

RLSA-2026:21676 Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS6AI score0.01016EPSS
Exploits0References2
nvd
nvd
added 2026/06/04 7:16 a.m.13 views

CVE-2026-50205

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS0.00238EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/04 6:43 a.m.10 views

CVE-2026-50205 Plaintext Log Credential Leakage

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS5.8AI score0.00238EPSS
Exploits0References1
euvd
euvd
added 2026/06/04 6:43 a.m.10 views

EUVD-2026-34217

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS5.8AI score0.00238EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/04 6:43 a.m.6 views

CVE-2026-50205

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS5.8AI score0.00238EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.23 views

PT-2026-46156

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

8.8CVSS5.8AI score0.00238EPSS
Exploits0References2
nessus
nessus
added 2026/06/04 12:0 a.m.13 views

RockyLinux 10 : cockpit (RLSA-2026:21676)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:21676 advisory. cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVE-2026-4802 Tenable has extracted the preceding description block directly...

8CVSS6AI score0.01016EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/06/04 12:0 a.m.8 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from the system log files outputting unencrypted SMTP server authentication passwords and sensitive employee corporate identity data...

8.8CVSS5.3AI score0.00238EPSS
Exploits0References1
rocky
rocky
added 2026/05/30 6:3 p.m.14 views

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

8CVSS6AI score0.01016EPSS
Exploits0
osv
osv
added 2026/05/30 6:3 p.m.20 views

RLSA-2026:21468 Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
rocky
rocky
added 2026/05/29 6:0 a.m.18 views

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

8CVSS7.2AI score0.01016EPSS
Exploits0
osv
osv
added 2026/05/29 6:0 a.m.13 views

RLSA-2026:21700 Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
nessus
nessus
added 2026/05/29 12:0 a.m.16 views

RockyLinux 8 : cockpit (RLSA-2026:21700)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:21700 advisory. cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVE-2026-4802 Tenable has extracted the preceding description block directly fr...

8CVSS6AI score0.01016EPSS
Exploits0References3
Rows per page
Query Builder