Lucene search
+L

1513 matches found

OSV
OSV
added 2026/05/18 1:19 p.m.4 views

SUSE-SU-2026:1619-2 Security update for PackageKit

This update for PackageKit fixes the following issue: - CVE-2026-41651: Do not allow re-invoking methods on non-new transactions bsc1262220...

8.8CVSS5.8AI score0.0046EPSS
Exploits10References3
OSV
OSV
added 2026/05/18 5:39 a.m.18 views

BIT-ETCD-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/18 1:24 a.m.21 views

[SECURITY] Fedora 42 Update: valkey-8.0.9-1.fc42

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS5.8AI score0.02995EPSS
Exploits4
Fedora
Fedora
added 2026/05/18 12:59 a.m.25 views

[SECURITY] Fedora 43 Update: valkey-8.1.7-1.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.8CVSS5.8AI score0.02995EPSS
Exploits4
Microsoft CVE
Microsoft CVE
added 2026/05/17 8:1 a.m.15 views

etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

...

6.5CVSS5.8AI score0.00225EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.10 views

SUSE CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 6:16 p.m.15 views

CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 5:1 p.m.35 views

CVE-2026-44283

CVE-2026-44283 affects etcd, a distributed key-value store. The issue: in nested transaction operations, read access via PrevKv or lease attachment in Put requests can bypass RBAC authorization checks. This could allow an authenticated user with limited read or lease permissions to access data th...

4.3CVSS5.8AI score0.00225EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 5:1 p.m.8 views

CVE-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

5.8AI score0.00225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 5:1 p.m.9 views

CVE-2026-44283

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

5.8AI score0.00225EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 5:1 p.m.37 views

CVE-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks

etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...

0.00225EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-44283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via...

4.3CVSS5.6AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 9:16 p.m.32 views

CVE-2026-45054

CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...

4.9CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 8:42 p.m.11 views

CVE-2026-45054 CubeCart: Authenticated SQL Injection via `sort[]` Parameter in Admin Orders Transactions Listing

CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...

4.9CVSS6.1AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 8:42 p.m.51 views

CVE-2026-45054 CubeCart: Authenticated SQL Injection via `sort[]` Parameter in Admin Orders Transactions Listing

CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...

4.9CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 8:42 p.m.20 views

CVE-2026-45054

CubeCart 6.x prior to 6.7.0 contains an SQL injection vulnerability in the admin orders-transactions listing (admin.php?_g=orders&node=transactions). The vulnerability arises because the code builds a raw ORDER BY clause from the attacker-controlled $_GET['sort'] array without proper validation, ...

4.9CVSS6.1AI score0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 8:42 p.m.10 views

EUVD-2026-30171

CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...

4.9CVSS6.1AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2026/05/13 8:42 p.m.3 views

CVE-2026-45054 CubeCart: Authenticated SQL Injection via `sort[]` Parameter in Admin Orders Transactions Listing

CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page admin.php?g=orders&node=transactions builds a raw ORDER BY SQL fragment from the attacker-controlled $GET'sort' array without column or direction validation. Both the column key and the directio...

4.9CVSS6.2AI score0.00239EPSS
Exploits0References3
OSV
OSV
added 2026/05/12 7:42 a.m.7 views

MAL-2026-3679 Malicious code in @2oolkit/hyperliquid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.16 views

Malicious code in @2oolkit/hyperliquid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...

5.9AI score
Exploits0References2
Rows per page
Query Builder