Lucene search
K

11 matches found

CVE
CVE
added 2026/06/10 5:29 p.m.26 views

CVE-2026-50566

Fission prior to v1.24.0 is affected: a tenant with environments.fission.io create/update RBAC could run privileged / allowPrivilegeEscalation / dangerous-capability containers in the Fission function or builder namespace, scheduled under the executor’s high-privilege service account. This enable...

9.9CVSS5.4AI score0.0029EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/04 8:11 p.m.11 views

Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure

The fix for CVE-2026-31892 commit 534f4ff blocks podSpecPatch when templateReferencing: Strict is active, but doesn't restrict other WorkflowSpec fields that flow through the same merge path and get applied to pods. A user can set hostNetwork: true, override serviceAccountName, or change...

9.9CVSS7.3AI score0.00424EPSS
Exploits2References8Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/02 9:0 p.m.9 views

OpenClaw: Matrix thread root and reply context bypass sender allowlist

Summary Matrix thread root and reply context bypass sender allowlist Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Real in shipped v2026.3.28 Matrix because fetched thread-root/reply context bypasses sender allowlists, with unreleased mainline filtering fix...

6.5CVSS5.8AI score0.00157EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/21 12:42 a.m.3 views

CVE-2026-32052

OpenClaw versions prior to 2026.2.24 contain a command injection vulnerability in the system.run shell-wrapper that allows attackers to execute hidden commands by injecting positional argv carriers after inline shell payloads. Attackers can craft misleading approval text while executing arbitrary...

6.4CVSS6.1AI score0.00911EPSS
Exploits0References5
NVD
NVD
added 2025/09/29 11:15 p.m.6 views

CVE-2025-59941

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.8 and below, go-f3's justification verification caching mechanism has a vulnerability where verification results are cached without properly considering the context of the message. An attacker can bypass...

6.5CVSS0.00223EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/09/26 3:37 p.m.3 views

Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...

6.5CVSS7.3AI score0.01104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/26 2:54 p.m.4 views

Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...

6.5CVSS7.3AI score0.01104EPSS
Exploits0References5
OSV
OSV
added 2019/12/17 8:15 p.m.11 views

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

7.8CVSS7.3AI score
Exploits0References6
OSV
OSV
added 2013/11/08 3:55 p.m.6 views

CVE-2013-4548

The mmnewkeysfromblob function in monitorwrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/06/20 11:38 a.m.4 views

OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing...

10CVSS7.4AI score0.05572EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/06/13 1:4 p.m.4 views

OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing...

10CVSS7.4AI score0.05572EPSS
Exploits0References4
Rows per page
Query Builder