10 matches found

OSV
added 2026/06/25 6:26 p.m., 3 views

GO-2026-5095 Grafana public dashboards disclose all direct mode datasources in github.com/grafana/grafana

Grafana public dashboards disclose all direct mode datasources in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 3

OSV
added 2026/06/24 8:16 a.m., 2 views

UBUNTU-CVE-2026-52941

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint. The smc_msg_event tracepoint class, shared by smc_tx_sendmsg and smc_rx_recvmsg, unconditionally dereferences smc->conn.lnk: __string(name, smc->conn.lnk->ibname) conn->lnk is onl...

AI score 5.7 | EPSS 0.00164
Exploits: 0 | References: 9

NVD
added 2026/03/27 3:16 p.m., 4 views

CVE-2026-33758

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao installations that have an OIDC/JWT authentication method enabled and a role with callback_mode=direct configured are vulnerable to XSS via the error_description parameter on the page for a failed...

CVSS 9.6 | EPSS 0.00287
Exploits: 0 | References: 7

OSV
added 2026/03/27 2:10 p.m., 3 views

CVE-2026-33757 OpenBao lacks user confirmation for OIDC direct callback mode

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with callback_mode set to direct. This allows an attacker to start an authentication request and perform "remote phishin...

CVSS 9.6 | AI score 6.4 | EPSS 0.00411
Exploits: 0 | References: 5

Tenable Nessus
added 2026/01/15 12:0 a.m., 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003354 advisory. In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations ...

CVSS 4.7 | AI score 6.2 | EPSS 0.00285
Exploits: 0 | References: 7

SUSE CVE
added 2023/02/15 4:35 a.m., 2 views

SUSE CVE-2017-18224

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field...

CVSS 4.7 | AI score 5.9 | EPSS 0.00285
Exploits: 0 | References: 10

Kitploit
added 2018/04/18 12:51 p.m., 29 views

Linux Exploit Suggester - Linux Privilege Escalation Auditing Tool

Often during a penetration test engagement the security analyst faces the problem of identifying privilege escalation attack vectors on tested Linux machines. One viable attack vector is using a publicly known Linux exploit to gain root privileges on the tested machine. Of course in order to do...

AI score 7.5
Exploits: 0 | References: 2

OSV
added 2018/03/12 3:29 a.m., 2 views

UBUNTU-CVE-2017-18224

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field...

CVSS 4.7 | AI score 6.6 | EPSS 0.00285
Exploits: 0 | References: 3

Debian CVE
added 2018/03/12 3:0 a.m., 27 views

CVE-2017-18224

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field...

CVSS 4.7 | AI score 5.7 | EPSS 0.00285
Exploits: 0

Cvelist
added 2018/03/12 3:0 a.m., 22 views

CVE-2017-18224

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field...

AI score 5.3 | EPSS 0.00285
Exploits: 0 | References: 4