330 matches found
OwnCloud - Phpinfo Configuration
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment phpinfo. This information...
SUSE SLES15 Security Update : containerized-data-importer (SUSE-SU-2026:2493-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2493-1 advisory. - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110,...
SUSE-SU-2026:2493-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110, post-v1.65.0. Fixed by this update: google.golang.org/grpc 1.65.0 - 1.79.3: bsc1260295...
OPENSUSE-SU-2026:11074-1 containerized-data-importer1.65-api-1.65.0-1.1 on GA media
These are all security issues fixed in the containerized-data-importer1.65-api-1.65.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11054-1 containerized-data-importer-1.65-api-1.65.0-1.1 on GA media
These are all security issues fixed in the containerized-data-importer-1.65-api-1.65.0-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE-SU-2026:2407-1 Security update for containerized-data-importer
This update for containerized-data-importer rebuilds the current sources against latest go security release and the images against the latest released updates...
Bug-Bounty-Practice-lab
Syntex Solutions — Vulnerable Lab ⚠️ WARNING — FOR AUTHOR...
CVE-2026-33814 affecting package containerized-data-importer for versions less than 1.62.0-6
CVE-2026-33814 affecting package containerized-data-importer for versions less than 1.62.0-6. A patched version of the package is available...
CVE-2026-25681 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-25681 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-42502 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-42502 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-27136 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-27136 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-25680 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-25680 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-42506 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-42506 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-39821 affecting package containerized-data-importer for versions less than 1.62.0-5
CVE-2026-39821 affecting package containerized-data-importer for versions less than 1.62.0-5. A patched version of the package is available...
CVE-2026-35469 affecting package containerized-data-importer for versions less than 1.62.0-4
CVE-2026-35469 affecting package containerized-data-importer for versions less than 1.62.0-4. A patched version of the package is available...
CVE-2026-32288 affecting package containerized-data-importer for versions less than 1.62.0-3
CVE-2026-32288 affecting package containerized-data-importer for versions less than 1.62.0-3. A patched version of the package is available...
Medium: cifs-utils
Issue Overview: A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentia...
CVE-2026-41268
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...
CVE-2026-41268 Flowise: Flowise Parameter Override Bypass Remote Command Execution
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...
aws-mcp-server 操作系统命令注入漏洞
aws-mcp-server is a lightweight service developed by Alexei Ledenev. It enables AI assistants to execute AWS CLI commands through the Model Context Protocol MCP in a secure, containerized environment. aws-mcp-server has an operating system command injection vulnerability, which stems from...