Lucene search
+L

15 matches found

Cvelist
Cvelist
added 2026/07/03 8:54 p.m.37 views

CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write...

9.6CVSS0.00177EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:54 p.m.4 views

CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write...

9.6CVSS5.9AI score0.00177EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:54 p.m.7 views

CVE-2026-58426

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write...

9.6CVSS5.9AI score0.00177EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55658

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An HMAC ambiguity in Gitea Actions Artifacts V4 signed URLs allows for cross-repository artifact reading and cross-task upload-state writing. HMAC Hash-based Message Authentication Code is a...

9.6CVSS5.9AI score0.00177EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.5 views

CVE-2026-40337

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

5.1CVSS5.8AI score0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/17 11:51 p.m.4 views

CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

5.1CVSS5.8AI score0.00155EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/17 11:51 p.m.40 views

CVE-2026-40337 Sentry kernel has incomplete ownership check for IRQ line manipulation

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

5.1CVSS0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/17 12:30 p.m.9 views

EUVD-2026-12566

Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...

8.1CVSS5.8AI score0.00409EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/17 10:53 a.m.2 views

CVE-2026-30911 Apache Airflow: Execution API HITL Endpoints Missing Per-Task Authorization

Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop HITL endpoints that allows any authenticated task instance to read, approve, or reject HITL workflows belonging to any other task instance. Users are recommended to upgrade to...

5.8AI score0.00409EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-3283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10...

7.5CVSS6.9AI score0.01453EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/09/09 12:0 a.m.5 views

Backdoor Attacks and Defenses in Computer Vision Domain: a Survey

Backdoor trojan attacks embed hidden, controllable behaviors into machine-learning models so that models behave normally on benign inputs but produce attacker-chosen outputs when a trigger is present. This survey reviews the rapidly growing literature on backdoor attacks and defenses in the...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.7 views

Hot-Swap MarkBoard: an Efficient Black-Box Watermarking Approach for Large-Scale Model Distribution

Recently, Deep Learning DL models have been increasingly deployed on end-user devices as On-Device AI, offering improved efficiency and privacy. However, this deployment trend poses more serious Intellectual Property IP risks, as models are distributed on numerous local devices, making them...

6.6AI score
Exploits0
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.10 views

HashiCorp Nomad and Nomad Enterprise up to Security Breach

Hashicorp Nomad and Hashicorp Nomad Enterprise are both products of Hashicorp, Inc.Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler. It supports the deployment of microservices, batch, containerized and non-containerized applications.Hashicorp Nomad Enterprise...

7.5CVSS7.1AI score0.01453EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/02/01 12:0 a.m.10 views

PT-2021-19961 · Hashicorp · Nomad Enterprise +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions prior to 0.12.10 HashiCorp Nomad and Nomad Enterprise versions prior to 1.0.3 Description: The issue is related to improper privilege management, allowing exec and java task drivers to access...

7.5CVSS7.2AI score0.01453EPSS
Exploits0References10
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2021/01/29 9:54 p.m.9 views

Nomad’s Exec and Java Task Drivers Did Not Isolate Processes

Summary Nomad and Nomad Enterprise “Nomad” exec and java task drivers may allow a malicious task to access information regarding processes associated with other tasks on the same node. This vulnerability, CVE-2021-3283, affects all prior Nomad versions and is fixed in the 0.12.10 and 1.0.3...

7.5CVSS6.9AI score0.01453EPSS
Exploits0Affected Software1
Rows per page
Query Builder