Lucene search
K

133 matches found

NVD
NVD
added 2026/06/22 2:17 p.m.12 views

CVE-2026-54099

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS0.00073EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/22 12:46 p.m.10 views

CVE-2026-54099 Windows-machine-config-operator: windows-machine-config-operator: wicd csr extra-organization allows privilege escalation to system:masters

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS5.8AI score0.00073EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 12:46 p.m.30 views

CVE-2026-54099 Windows-machine-config-operator: windows-machine-config-operator: wicd csr extra-organization allows privilege escalation to system:masters

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS0.00073EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/22 12:45 p.m.11 views

CVE-2026-54099

A flaw was found in the Windows Machine Config Operator WMCO for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A...

8.8CVSS5.8AI score0.00073EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.10 views

PT-2026-51305

Name of the Vulnerable Software and Affected Versions Red Hat OpenShift Container Platform 4 affected versions not specified Description A flaw exists in the Windows Machine Config Operator WMCO where the WICD CSR auto-approver validates that a Certificate Signing Request contains the organizatio...

8.8CVSS5.9AI score0.00073EPSS
Exploits0References12
OSV
OSV
added 2026/05/19 5:23 p.m.9 views

SUSE-SU-2026:21824-1 Security update for leancrypto

This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...

5.9CVSS5.9AI score0.00162EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/05/05 3:6 p.m.84 views

Exploit for CVE-2026-29000

HackTheBox — Principal Difficulty: Medium OS: Linux...

9.3CVSS5.8AI score0.05856EPSS
Exploits17
Microsoft CVE
Microsoft CVE
added 2026/05/02 8:4 a.m.6 views

crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

...

7.1CVSS5.8AI score0.00126EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmwa...

7.1CVSS7.3AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/01 7:43 p.m.6 views

CVE-2026-31699

A flaw was found in the Linux kernel's crypto: ccp module. A local user could exploit a vulnerability where the system attempts to copy a Certificate Signing Request CSR to userspace even after a Platform Security Processor PSP command has failed. This can lead to a slab-out-of-bounds write,...

7.1CVSS6AI score0.00126EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 2:16 p.m.8 views

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

7.1CVSS0.00126EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 1:55 p.m.24 views

CVE-2026-31699

Technical details about CVE-2026-31699 are not publicly available in the provided documents. Monitor for updates from OSV, Red Hat, SUSE, Debian and other trackers for affected products and fixes.

7.1CVSS6AI score0.00126EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 1:55 p.m.8 views

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

7.1CVSS6AI score0.00126EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 5:51 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar Vulnerability Details CVEID:CVE-2023-46673 DESCRIPTION: It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling...

7.5CVSS5.8AI score0.00943EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.6 views

PT-2026-36329

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the crypto CCP component when retrieving the PEK CSR. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the...

7.1CVSS5.9AI score0.00126EPSS
Exploits0
CVE
CVE
added 2026/02/02 1:15 p.m.12 views

CVE-2026-24070

CVE-2026-24070 describes a local privilege escalation in Native Instruments Native Access. The installer deploys a privileged helper (com.native-instruments.NativeAccess.Helper2) used via XPC to perform actions like copy-file, remove, or set-permissions. The XPC service restricts access to client...

8.8CVSS5.8AI score0.00213EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.11 views

CVE-2022-26481

An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request CSR action...

8.8CVSS7.3AI score0.01577EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/12/19 4:23 p.m.15 views

CVE-2025-14823

In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...

5.3CVSS6.8AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 6:30 p.m.5 views

EUVD-2025-204299

In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...

5.3CVSS6.3AI score0.00133EPSS
Exploits0References2
NVD
NVD
added 2025/12/18 4:15 p.m.5 views

CVE-2025-14823

In deployments using the ScreenConnect™ Certificate Signing Extension, encrypted configuration values including an Azure Key Vault-related key, could be returned to unauthenticated users through a client-facing endpoint under certain conditions. The values remained encrypted and securely stored a...

5.3CVSS0.00133EPSS
Exploits0References1
Rows per page
Query Builder