Lucene search
K

12448 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fixed an out-of-bounds write in fastimageblit. This issue occurs when a user-space program calls ioctl FBIOPUTCON2FBMAP by passing the console number and the frame buffer number. Ideally, this maps the console to the frame...

7.8CVSS6.5AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, an attacker can trick runc into binding paths that are normally read-only or masked, allowing them to be...

8.4CVSS6.6AI score0.00523EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netconsole: Avoid out-of-band OOB reads; the message is not terminated with nul. The message passed to netconsole from the console subsystem is not guaranteed to be terminated with nul. Before the recent commit 7eab73b18630...

9.1CVSS5.5AI score0.00462EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: fixed an out-of-bounds access in ttydriverlookuptty When an invalid console= device is specified, such as console=tty3270, ttydriverlookuptty returns the tty struct without checking whether the index is a valid number. To...

5.9AI score0.00177EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vcscreen: The load of the struct vcdata pointer in vcsread was moved to avoid a Use-After-Free UAF condition. After a call to consoleunlock in vcsread, the struct vcdata structure can be freed using vcdeallocate. Therefore, the...

7.8CVSS6.1AI score0.00274EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/19 3:31 p.m.6 views

org.glassfish.main.admingui:admingui (>=6.0.0 <=9.0.0-M1), org.glassfish.main.admingui:console-cluster-plugin (>=6.0.0 <=9.0.0-M1) +19 more potentially affected by CVE-2026-2587 via org.glassfish.jsftemplating:jsftemplating (>=3.0.0 <=4.1.0)

org.glassfish.jsftemplating:jsftemplating MAVEN version =3.0.0, =6.0.0, =6.0.0, =7.0.16, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =9.0.0-M1 and more Source cves: CVE-2026-2587 Source advisory: OSV:GHSA-29WV-CV7P-XJC2https://vulners.c...

9.6CVSS5.4AI score0.00628EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/05/19 3:31 p.m.8 views

org.glassfish.main.admingui:console-cluster-plugin (>=3.1.2 <=8.0.1), org.glassfish.main.admingui:console-commandrecorder-plugin (>=7.0.16 <=8.0.1) +15 more potentially affected by CVE-2026-2586 via org.glassfish.main.admingui:console-common (>=3.1.2 <=8.0.1)

org.glassfish.main.admingui:console-common MAVEN version =3.1.2, =3.1.2, =7.0.16, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =4.0, =3.1.2, =4.0, =3.1.2, =4.0, =4.0, =6.2.5, =4.1, =8.0.1 and more Source cves: CVE-2026-2586 Source advisory: OSV:GHSA-96V6-HQ43-X9H4...

9.1CVSS5.4AI score0.00819EPSS
Exploits1
OSV
OSV
added 2026/05/19 3:31 p.m.8 views

GHSA-96V6-HQ43-X9H4 GlassFish's Administration Console is Vulnerable to RCE

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/19 3:31 p.m.10 views

GlassFish's Administration Console is Vulnerable to RCE

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References4Affected Software2
NVD
NVD
added 2026/05/19 3:16 p.m.16 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. This issue...

9.1CVSS0.00819EPSS
Exploits1References1
CVE
CVE
added 2026/05/19 2:12 p.m.41 views

CVE-2026-2586

CVE-2026-2586: An authenticated RCE in GlassFish Administration Console. A user with console access can send crafted requests to execute arbitrary OS commands with the privileges of the application service user. Affected: GlassFish Admin Console. Impact (per provided metrics): high confidentialit...

9.1CVSS6.2AI score0.00819EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 2:12 p.m.8 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. This issue...

9.1CVSS6.2AI score0.00819EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/19 2:12 p.m.12 views

EUVD-2026-30939

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/19 2:12 p.m.41 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. This issue...

9.1CVSS0.00819EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/19 2:12 p.m.10 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user. This issue...

9.1CVSS6.2AI score0.00819EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/19 1:41 p.m.13 views

org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation

An improper input neutralization flaw has been discovered in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a...

9.6CVSS7.3AI score0.09917EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:41 p.m.16 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.6CVSS7AI score0.09917EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/19 9:22 a.m.16 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS7AI score0.09917EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/19 9:0 a.m.18 views

Important: Red Hat Security Advisory: tomcat9 security update

An update for tomcat9 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.6CVSS7AI score0.09917EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/05/19 9:0 a.m.13 views

org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation

An improper input neutralization flaw has been discovered in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a...

9.6CVSS7.3AI score0.09917EPSS
Exploits0References6
Rows per page
Query Builder