Lucene search
+L

69 matches found

SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.10 views

SUSE CVE-2026-48860

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.4AI score0.00194EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/21 1:3 p.m.13 views

CVE-2026-41888

A flaw was found in Distribution, a software toolkit used for managing container content. This vulnerability allows a remote attacker to bypass security settings designed to prevent the deletion of container tags. By sending a specific request, an attacker can remove tags from repositories even...

6.5CVSS5.8AI score0.00294EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/04/06 8:16 p.m.5 views

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.9AI score0.00455EPSS
Exploits1References2
OSV
OSV
added 2026/04/06 8:16 p.m.4 views

UBUNTU-CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.8AI score0.00455EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:8 p.m.7 views

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.9AI score0.00455EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/06 7:8 p.m.8 views

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

7.5CVSS5.3AI score0.00455EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/04/06 3:17 p.m.11 views

CVE-2026-33540

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, in pull-through cache mode, distribution discovers token auth endpoints by parsing WWW-Authenticate challenges returned by the configured upstream registry. The realm URL from a bearer challenge is used...

7.5CVSS5.9AI score0.00274EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/04/06 2:55 p.m.6 views

CVE-2026-33540

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, in pull-through cache mode, distribution discovers token auth endpoints by parsing WWW-Authenticate challenges returned by the configured upstream registry. The realm URL from a bearer challenge is used...

7.5CVSS5.3AI score0.00274EPSS
Exploits1
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208739

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modified model artifacts being used, potentially leading to integrity concerns or unintended behaviour...

1.9CVSS5.8AI score0.00084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-0373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve the service desk emai...

4.3CVSS5AI score0.00933EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-52723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a passwo...

7.1CVSS6.1AI score0.00547EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-7674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating tha...

4.3CVSS6.4AI score0.08037EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/09 8:46 a.m.16 views

CVE-2025-3497 Radiflow iSAP Smart Collector Linux distribution unmaintained

The Linux distribution underlying the Radiflow iSAP Smart Collector CentOS 7 - VSAP 1.20 is obsolete and reached end of life EOL on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...

8.7CVSS0.00334EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-6519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape. CVE-2024-6519 Note...

8.2CVSS6.9AI score0.0025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-53145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONGMAX, which can be easily triggered on...

5.5CVSS6.7AI score0.00213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-34825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system...

7.5CVSS7AI score0.00616EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-33877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Tconvstructopt in H5Tconv.c. CVE-2024-33877 Note that Nessus relies on the presence of the...

8.8CVSS7.1AI score0.0092EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-25743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler i...

7.1CVSS6.6AI score0.00245EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-44505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a NULL pointer dereference aft...

7.5CVSS7.4AI score0.01493EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2023-33204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sysstat through 12.7.2 allows a multiplication integer overflow in checkoverflow in common.c. NOTE: this issue exists because of an incomplete fix for...

7.8CVSS7AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder