Lucene search
K

6 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Ansible

A flaw was identified in the use of insufficiently random values in Ansible. Two random password lookups of the same length result in the generation of the same value as the template caching action for the same file, since no re-evaluation occurs. The greatest risk posed by this vulnerability is...

5.5CVSS6.5AI score0.00435EPSS
Exploits1References2
OSV
OSV
added 2025/12/03 8:40 p.m.6 views

CVE-2025-66404 mcp-server-kubernetes potential security issue in exec_in_pod tool

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the execinpod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string...

6.4CVSS7.4AI score0.01309EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

WordPress plugin Affiliates Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

4.8CVSS5AI score0.00538EPSS
Exploits2References2
OSV
OSV
added 2021/05/27 7:15 p.m.2 views

DEBIAN-CVE-2020-10729

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords a...

5.5CVSS6.9AI score0.00435EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.3 views

jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.02959EPSS
Exploits0References4
CNVD
CNVD
added 2017/10/23 12:0 a.m.5 views

Cross-site request forgery vulnerability in phpMyFAQ admin/stat.ratings.php file

phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site request forgery vulnerability exists...

8.8CVSS8.7AI score0.02483EPSS
Exploits2References1
Rows per page
Query Builder