Lucene search
+L

966 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/20 5:43 p.m.11 views

CVE-2026-24218

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...

8.1CVSS5.8AI score0.00586EPSS
Exploits0References4
CVE
CVE
added 2026/05/20 5:43 p.m.92 views

CVE-2026-24218

CVE-2026-24218 affects NVIDIA DGX OS. The vulnerability arises during factory provisioning: cloning a base image deploys identical SSH host keys across multiple systems, enabling host impersonation or attacker-in-the-middle attacks. Consequences listed include potential code execution, data tampe...

8.1CVSS5.8AI score0.00586EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. The checkout.c file mishandles equivalent filenames that exist due to NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...

9.8CVSS9.1AI score0.05087EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nftables: nftdynset: fixed a possible stateful expression memory leak in the error path. If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/rsrc: Validates the buffer count with an offset for cloning. syzbot reports that it can trigger a WARNON when a kmalloc attempt is too large. WARNING: CPU: 0, PID: 6488, at mm/slub.c:5024, kvmallocnodenoprof+0x520/0x64...

5.5CVSS6AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there was undefined behavior function-type-mismatch in splay tree cloning callbacks. This caused a deterministic abort under UBSan DoS in sanitizer builds, with ...

6.1CVSS5.3AI score0.00407EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. path.c improperly handles equivalent filenames that exist due to NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS9.1AI score0.0511EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Zoned – Cloning zoned device info when cloning a device When cloning a btrfsdevice, we are not cloning the associated btrfszoneddeviceinfo structure of the device, especially in cases where the filesystem is zoned. This ca...

5.5CVSS5.9AI score0.0014EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

NVIDIA DGX OS 安全漏洞

NVIDIA DGX OS is a Linux operating system and cluster management environment for the DGX AI server platform developed by NVIDIA Corporation in the United States. NVIDIA DGX OS contains security vulnerabilities. These vulnerabilities arise from cloning base images during factory configuration...

8.1CVSS5.9AI score0.00586EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 9:57 p.m.11 views

EUVD-2026-30998

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability occurred when cloning issues from other projects, where the clone form added the source project...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 7:52 a.m.12 views

SUSE-SU-2026:1952-1 Security update for ovmf

This update for ovmf fixes the following issues - CVE-2026-25833: mbedtls: buffer underflow in x509inetptonipv6 bsc1261476. - CVE-2026-25834: mbedtls: Algorithm downgrade vulnerability bsc1261477. - CVE-2026-25835: mbedtls: PSA random generator cloning bsc1261478. - CVE-2026-34874: mbedtls: NULL...

7.7CVSS5.9AI score0.00308EPSS
Exploits0References9
HackRead
HackRead
added 2026/05/16 10:13 a.m.15 views

AI Voice Cloning: The Technology Behind It, Who’s Building It, and Where It’s Headed

Explore AI voice cloning technology, leading companies, real-world uses, ethical risks, and future trends shaping synthetic voices...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/14 6:45 p.m.9 views

MAL-2026-3742 Malicious code in tronpath (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d9ca86850c4078f14665d6f5bafabc8d794a480a5d990c8a697bc2019869005d Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:32 p.m.9 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bugreportpage.php process when cloning an issue from a different project, due to improper escaping of the source project name. An attacker with sufficient...

8.6CVSS5.6AI score0.00444EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 9:44 a.m.11 views

CLSA-2026-1778492641 perl: Fix of 2 CVEs

CVE-2023-47038: fix write past buffer end via illegal user-defined Unicode property, for almalinux9.2esu - CVE-2025-40909: clone dirhandles without fchdir, for almalinux9.2esu...

7.8CVSS6.8AI score0.00832EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

go-git 安全漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.18.0 and 6.0.0-alpha.2 contained security vulnerabilities. These vulnerabilities were due to a flaw where, during intelligent HTTP cloning and fetch operations, redirecting could lea...

7.4CVSS5.8AI score0.00259EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 10:40 p.m.9 views

CLSA-2026-1778177253 perl: Fix of 2 CVEs

CVE-2023-47038: fix write past buffer end via illegal user-defined Unicode property, for almalinux9.2esu - CVE-2025-40909: clone dirhandles without fchdir, for almalinux9.2esu...

7.8CVSS6.8AI score0.00832EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 4:16 a.m.27 views

CVE-2026-41002

The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterpris...

8.1CVSS0.0022EPSS
Exploits0References1
Rows per page
Query Builder