Lucene search
K

13942 matches found

CVE
CVE
added yesterday5 views

CVE-2026-50428

Out-of-bounds read in Windows Container Isolation FS Filter Driver unionfs.sys allows an authorized attacker to disclose information locally...

7.1CVSS6AI score
Exploits0References1
RedHat Linux
RedHat Linux
added yesterday7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.24 security and extras update

Red Hat OpenShift Container Platform release 4.21.24 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS6.2AI score0.00656EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday41 views

Spring Framework - Path Traversal

Spring Framework MVC applications deployed as WAR or with embedded Servlet containers that do not reject suspicious URI sequences and serve static resources with Spring resource handling contain a path traversal vulnerability, letting attackers access unauthorized files, exploit requires...

5.9CVSS6.6AI score0.01916EPSS
Exploits1References4
Rockylinux
Rockylinux
added 2 days ago4 views

container-tools:rhel8 security update

An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...

7.5CVSS6.5AI score0.00813EPSS
Exploits0
NVD
NVD
added 2 days ago4 views

CVE-2026-13014

A vulnerability in Thales CERT "Suspicious" application = 1.3.4 allows a remote and unauthenticated attacker to execute arbitrary code and arbitrarily overwrite writable application files—including Python modules, configuration files, cron inputs, and runtime artifacts—leading to a persistent...

9.2CVSS0.0047EPSS
Exploits0References1
OSV
OSV
added 2 days ago3 views

RHSA-2026:38504 Red Hat Security Advisory: container-tools:rhel8 security update

Bulletin has no description...

7.5CVSS6.4AI score0.00813EPSS
Exploits0References25
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-13014 Remote Code Execution vulnerability in "Suspicious" application

A vulnerability in Thales CERT "Suspicious" application = 1.3.4 allows a remote and unauthenticated attacker to execute arbitrary code and arbitrarily overwrite writable application files—including Python modules, configuration files, cron inputs, and runtime artifacts—leading to a persistent...

9.2CVSS0.0047EPSS
Exploits0References1
CVE
CVE
added 2 days ago17 views

CVE-2026-13014

The CVE covers Thales CERT "Suspicious" application, affected at versions

9.2CVSS6.4AI score0.0047EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2 days ago7 views

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.5AI score0.00813EPSS
Exploits0References4
Nuclei
Nuclei
added 2 days ago106 views

Gitea Container Registry - Unauthorized Private Image Access

Gitea = 1.26.2. As a temporary workaround, set REQUIRESIGNINVIEW=true in gitea app.ini, though this blocks all anonymous access including public repos. reference: - https://blog.gitea.com/release-of-1.26.2/ - https://github.com/go-gitea/gitea/pull/37290 -...

8.2CVSS7.1AI score0.40738EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2 days ago6 views

Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-8530-1)

"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8530-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag....

9.8CVSS6.9AI score0.93235EPSS
Exploits42References23
Fedora
Fedora
added 4 days ago8 views

[SECURITY] Fedora 43 Update: docker-compose-5.3.0-1.fc43

Define and run multi-container applications with Docker...

9.6CVSS6.1AI score0.00412EPSS
Exploits0
OSV
OSV
added 5 days ago2 views

RHSA-2026:34755 Red Hat Security Advisory: OpenShift Container Platform 4.19.37 packages and security update

Bulletin has no description...

6.5CVSS6.1AI score0.00656EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

MiracleLinux 8 : container-tools:rhel8 (AXSA:2026-1242:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1242:01 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE:...

7.5CVSS6.8AI score0.00728EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-55605

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of @arikusi/deepseek-mcp-server exposes POST /mcp without any authentication: createMcpExpressApp is called without an authProvider and no middleware guards t...

5.3CVSS5.9AI score0.00429EPSS
Exploits0References4Affected Software1
NVD
NVD
added 6 days ago9 views

CVE-2026-59721

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, the updateInfraConfigs GraphQL mutation in admin/infra.resolver.ts accepts an attacker-controlled MAILERSMTPURL value, and validateSMTPUrl in utils.ts permits path, query, or fragment content that nodemailer parses into...

7.2CVSS0.00518EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 6 days ago6 views

Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

8.7CVSS6AI score0.00656EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago6 views

CVE-2026-54591

A flaw was found in AsyncSSH, a Python package for SSHv2 protocol implementation. A malicious SSH server could exploit this vulnerability by sending specially crafted filenames containing directory traversal sequences to an AsyncSSH SCP client. This could allow the server to write arbitrary files...

8.1CVSS6AI score0.00317EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 6 days ago5 views

Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.4

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.4 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.10.4 release that simplify the process of...

9.4CVSS6AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 6 days ago2 views

RHSA-2026:34097 Red Hat Security Advisory: OpenShift Container Platform 4.17.55 packages and security update

Bulletin has no description...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References24
Rows per page
Query Builder