9489 matches found
GHSA-Q38V-WP89-2W55 sh _uid does not drop supplementary groups (incomplete privilege drop)
Impact The uid option performed an incomplete privilege drop on Linux/Unix-like systems. When sh was run from a process with elevated privileges, such as root, and a command was launched with uid=, the child process changed its UID and primary GID but did not reset its supplementary groups. As a...
Plone Docker - Host Header Injection
Plone Docker Official Image 5.2.13 5221 is vulnerable to Host Header Injection due to improper validation of input by the HOST headers. This can lead to Cross-Site Scripting XSS attacks when the malicious Host header value is reflected in the response. id: CVE-2024-23055 info: name: Plone Docker ...
H3C SSL VPN <=2022-07-10 - Cross-Site Scripting
H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang. id: CVE-2022-35416 info: name: H3C SSL VPN =2022-07-10 - Cross-Site Scripting author: 0x240x23elu severity: medium description: | H3C SSL VPN 2022-07-10 and prior contains...
CVE-2026-44180
CVE-2026-44180 affects Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids can be bypassed to run kernels as root by supplying KERNEL_UID/KERNEL_GID values with whitespace. Affected versions: 2.0.0rc1 through
CVE-2026-33692
WWBN AVideo is an open source video platform. Versions prior to 29.0 expose .env files to unauthenticated users through the official Docker compose configuration. The official docker-compose.yml mounts the entire project root directory as the Apache document root, causing the .env file — which...
CVE-2026-33692 AVideo Has Unauthenticated .env File Exposure via Official Docker Compose Configuration
WWBN AVideo is an open source video platform. Versions prior to 29.0 expose .env files to unauthenticated users through the official Docker compose configuration. The official docker-compose.yml mounts the entire project root directory as the Apache document root, causing the .env file — which...
CVE-2026-33692
Summary: CVE-2026-33692 affects WWBN AVideo prior to 29.0, where the official Docker Compose configuration exposes the project’s .env file to unauthenticated users via the root path (/.env). The docker-compose.yml mounts the entire project root as the Apache document root, allowing access to sens...
CVE-2026-50562
FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...
EUVD-2026-44749
FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...
CVE-2026-50562
FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...
CVE-2026-50562 FastGPT: Untrusted PR artifacts are pushed and deployed by privileged preview workflows
FastGPT is a knowledge-based AI application platform. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted pull request code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged...
CVE-2026-50562
CVE-2026-50562 describes a supply-chain risk in FastGPT where, at commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted PR code in .github/workflows/preview-docs-build.yml and .github/workflows/preview-fastgpt-build.yml can be downloaded by privileged workflo...
CVE-2026-59891
sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 0.7.1, getRegistryCredentials reads credentials from the Docker config file and selects an entry by checking whether any configured auth key contains the target registry string. Because this is a substring...
CVE-2026-59891
The CVE-2026-59891 entry concerns sigstore-js prior to 0.7.1. getRegistryCredentials() reads Docker config credentials and selects an entry by substring match of the target registry, which can cause credentials for one registry to be sent to a different registry whose hostname has a matching subs...
CVE-2026-11403
A vulnerability in Sonatype Nexus Repository Manager's format-specific API key generation may allow a remote attacker to gain unauthorized access to repository operations as a targeted user. A format-specific API key realm NuGet API Key, Docker Bearer Token, or npm Bearer Token must be enabled an...
Linux Distros Unpatched Vulnerability : CVE-2026-14373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an...
Linux Distros Unpatched Vulnerability : CVE-2026-14891
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into ...
CVE-2026-56259
Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...
CVE-2026-56260
Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The outputpath parameter accepts arbitrary filesystem paths without validation, allowing an attacker to supply absolute or path-traversal values to write to any location...
CVE-2026-56260
CVE-2026-56260 affects Crawl4AI