Lucene search

575 matches found

EUVD
added 2026/05/11 9:31 p.m., 11 views

EUVD-2026-29196

Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration directory and file with default filesystem permissions that may be world-readable on Unix-like systems, allowing local attackers to read bearer tokens and API credentials stored in /.summarize/daemon.json...

CVSS 6.9, AI score 5.8, EPSS 0.00098
Exploits 0, References 4
Cvelist
added 2026/05/11 6:0 p.m., 34 views

CVE-2026-45222 Summarize Insecure Daemon Configuration File Permissions

Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration directory and file with default filesystem permissions that may be world-readable on Unix-like systems, allowing local attackers to read bearer tokens and API credentials stored in /.summarize/daemon.json...

CVSS 6.9, EPSS 0.00098
Exploits 0, References 3
CNNVD
added 2026/05/11 12:0 a.m., 14 views

Summarize Security Vulnerability

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.14.1 contain security vulnerabilities. These vulnerabilities stem from the use of default file system permissions for the configuration directory and files of the daemon process. ...

CVSS 6.9, AI score 5.8, EPSS 0.00098
Exploits 0, References 1
Tenable Nessus
added 2026/05/11 12:0 a.m., 9 views

Unity Linux 20.1070e Security Update: netty (UTSA-2026-017767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017767 advisory. Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. I...

CVSS 6.2, AI score 6.6, EPSS 0.01777
Exploits 1, References 4
Debian CVE
added 2026/05/06 7:40 a.m., 5 views

CVE-2026-43103

In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE lapbeth_data_transmit expects the underlying device type to be ARPHRD_ETHER. Returning NOTIFY_BAD from lapbeth_device_event makes sure bonding driver can not break this expectation...

CVSS 5.5, AI score 5.7, EPSS 0.00123
Exploits 0
OSV
added 2026/04/28 2:22 p.m., 5 views

CLSA-2026-1777386117 Fix CVE(s): CVE-2026-33412

SECURITY UPDATE: Command injection via newline in glob on Unix-like systems - debian/patches/CVE-2026-33412.patch: add '\n' to the SHELL_SPECIAL macro in src/os_unix.c so mch_expand_wildcards escapes embedded newlines before passing the glob pattern to the shell - CVE-2026-33412...

CVSS 7.3, AI score 5.8, EPSS 0.00834
Exploits 0, References 1
Fedora
added 2026/04/25 1:58 a.m., 12 views

[SECURITY] Fedora 44 Update: cups-2.4.17-1.fc44

CUPS printing system provides a portable printing layer for UNIX® operating systems. It has been developed by Apple Inc. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...

CVSS 7.8, AI score 5.5, EPSS 0.00502
Exploits 7
Debian CVE
added 2026/04/24 4:54 p.m., 4 views

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

CVSS 5.4, AI score 5.3, EPSS 0.00409
Exploits 1
Chainguard
added 2026/04/17 1:17 p.m., 9 views

CVE-2026-5860 vulnerabilities

Vulnerabilities for packages: chromium...

CVSS 8.8, AI score 7.4, EPSS 0.0048
Exploits 0
OSV
added 2026/04/10 12:57 a.m., 12 views

CLEANSTART-2026-RJ58492 On Unix platforms, when listing the contents of a directory using File

Multiple security vulnerabilities affect the kyverno-fips package. On Unix platforms, when listing the contents of a directory using File. See references for individual vulnerability details...

CVSS 9.8, AI score 6.9, EPSS 0.01557
Exploits 1, References 20
NVD
added 2026/04/08 10:16 p.m., 3 views

CVE-2026-40032

UAC Unix-like Artifacts Collector before 3.3.0-rc1 contains a command injection vulnerability in the placeholder substitution and command execution pipeline where the runcommand function passes constructed command strings directly to eval without proper sanitization. Attackers can inject shell...

CVSS 8.5, EPSS 0.00726
Exploits 0, References 7
Debian CVE
added 2026/04/07 5:0 p.m., 3 views

CVE-2026-39316

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a use-after-free vulnerability exists in the CUPS scheduler cupsd when temporary printers are automatically deleted. cupsdDeleteTemporaryPrinters in...

CVSS 6.2, AI score 5.5, EPSS 0.00178
Exploits 1
OSV
added 2026/04/03 10:16 p.m., 3 views

UBUNTU-CVE-2026-34980

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server...

CVSS 7.5, AI score 5.9, EPSS 0.00502
Exploits 1, References 4
UbuntuCve
added 2026/04/03 10:16 p.m., 2 views

CVE-2026-27447

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass vulnerability due to case-insensitive username comparison during authorization checks. The vulnerability allows an...

CVSS 6.3, AI score 5.9, EPSS 0.00317
Exploits 1, References 2
OSV
added 2026/03/27 2:8 p.m., 3 views

OESA-2026-1781 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

CVSS 7.3, AI score 6, EPSS 0.00834
Exploits 0, References 2
OSV
added 2026/03/24 8:16 p.m., 3 views

ALPINE-CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

CVSS 7.3, AI score 6, EPSS 0.00834
Exploits 0, References 1
OSV
added 2026/03/24 8:16 p.m., 3 views

UBUNTU-CVE-2026-33412

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

CVSS 7.3, AI score 6.2, EPSS 0.00834
Exploits 0, References 4
Cvelist
added 2026/03/24 7:43 p.m., 26 views

CVE-2026-33412 Vim affected by Command injection via newline in glob()

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

CVSS 5.6, EPSS 0.00834
Exploits 0, References 3
Vulnrichment
added 2026/03/24 7:43 p.m., 1 views

CVE-2026-33412 Vim affected by Command injection via newline in glob()

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

CVSS 5.6, AI score 6, EPSS 0.00834
Exploits 0, References 3
OSV
added 2026/03/24 7:43 p.m., 4 views

CVE-2026-33412 Vim affected by Command injection via newline in glob()

Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...

CVSS 5.6, AI score 6, EPSS 0.00834
Exploits 0, References 6