Lucene search
K

12 matches found

UbuntuCve
UbuntuCve
added 2026/04/07 5:16 p.m.7 views

CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

9.8CVSS6.4AI score0.142EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2026/03/26 8:30 p.m.8 views

forman: Foreman: Remote Code Execution via command injection in WebSocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS7.7AI score0.01408EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/26 8:28 p.m.9 views

forman: Foreman: Remote Code Execution via command injection in WebSocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS7.7AI score0.01408EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/26 7:47 p.m.8 views

forman: Foreman: Remote Code Execution via command injection in WebSocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS6.5AI score0.01408EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/26 3:30 p.m.3 views

EUVD-2026-16167

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS6.5AI score0.01408EPSS
Exploits0References3
NVD
NVD
added 2026/03/26 1:16 p.m.3 views

CVE-2026-1961

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS0.01408EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/26 12:53 p.m.21 views

CVE-2026-1961 Forman: foreman: remote code execution via command injection in websocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS0.01408EPSS
Exploits0References5
CVE
CVE
added 2026/03/26 12:53 p.m.11 views

CVE-2026-1961

CVE-2026-1961 affects Foreman via a command injection in Foreman's WebSocket proxy. The vulnerability arises from unsanitized hostname values from compute resource providers when building shell commands. An attacker operating a malicious compute resource server could achieve remote code execution...

8CVSS6.5AI score0.01408EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/26 12:53 p.m.6 views

CVE-2026-1961

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS7.7AI score0.01408EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/26 12:53 p.m.3 views

CVE-2026-1961 Forman: foreman: remote code execution via command injection in websocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS6.5AI score0.01408EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 12:52 p.m.7 views

CVE-2026-1961

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS6.5AI score0.01408EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28315

Name of the Vulnerable Software and Affected Versions Foreman versions prior to 3.16.3 Foreman versions prior to 3.17.2 Foreman versions prior to 3.18.1 Description A flaw exists in Foreman that allows a remote attacker to exploit a command injection vulnerability within the WebSocket proxy...

8CVSS6.5AI score0.01408EPSS
Exploits0References12
Rows per page
Query Builder