Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-9639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes...

6.5CVSS6AI score0.00389EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 4:16 p.m.10 views

CVE-2026-9639

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...

6.5CVSS0.00389EPSS
Exploits1References3
CVE
CVE
added 2026/06/26 3:39 p.m.25 views

CVE-2026-9639

CVE-2026-9639 describes a nil-pointer dereference in LXD’s CreateCustomVolumeFromBackup. On Linux, affected versions are up to 6.8 and 5.21. An authenticated user with the ability to can_create_storage_volumes can trigger a denial of service by supplying a specially crafted custom-volume backup t...

6.5CVSS5.7AI score0.00389EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/06/26 3:39 p.m.4 views

CVE-2026-9639 Authenticated Denial of Service via Malicious Backup Tarball in LXD

Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...

6.5CVSS5.9AI score0.00389EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52843

Name of the Vulnerable Software and Affected Versions LXD versions prior to 6.9 LXD version 5.21 Description A nil-pointer dereference occurs in the CreateCustomVolumeFromBackup function when processing a specially crafted custom-volume backup tarball that omits the expires at snapshot field. An...

6.5CVSS6AI score0.00389EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/05/07 1:5 p.m.10 views

CVE-2026-41648

Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup tarball that when...

5.3CVSS5.7AI score0.00269EPSS
Exploits1
Snyk
Snyk
added 2026/05/04 7:44 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the YAML metadata parsing process. An attacker can cause excessive memory consumption and potentially trigger an out-of-memory condition on the server by uploading a crafted image ...

5.3CVSS5.8AI score0.00269EPSS
Exploits1References2
Rows per page
Query Builder