CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

208 matches found

FOG Project < 1.5.10.34 - Remote Command Execution

FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. id: CVE-2024-39914 info: name: FOG Project 1.5.10.34 - Remote...

9.8CVSS5.8AI score0.93559EPSS

Exploits1References4

RedhatCVE•added 2026/03/28 11:9 p.m.•0 views

CVE-2026-33739

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.1812, the listing tables on multiple management pages Host, Storage, Group, Image, Printer, Snapin are vulnerable to Stored Cross-Site Scripting XSS, due to insufficient server-side parameter...

5.7CVSS5.9AI score0.00051EPSS

Exploits1References1

NVD•added 2026/03/27 8:16 p.m.•0 views

CVE-2026-33739

5.7CVSS0.00051EPSS

Exploits1References1

EUVD•added 2026/03/27 7:45 p.m.•2 views

EUVD-2026-16779

5.7CVSS5.9AI score0.00051EPSS

Exploits1References1

Cvelist•added 2026/03/27 7:45 p.m.•18 views

CVE-2026-33739 FOG has Stored XSS in Multiple Management Pages

5.7CVSS0.00051EPSS

Exploits1References1

CVE•added 2026/03/27 7:45 p.m.•2 views

CVE-2026-33739

Summary: CVE-2026-33739 affects the FOG project (cloning/imaging/rescue suite). Before version 1.5.10.1812, listing tables on multiple management pages (Host, Storage, Group, Image, Printer, Snapin) were vulnerable to Stored Cross‑Site Scripting (XSS) due to insufficient server‑side parameter san...

5.7CVSS5.9AI score0.00051EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/03/27 12:0 a.m.•2 views

FOG 跨站脚本漏洞

FOG is an open-source computer cloning and management system developed by the FOG Project. Versions of FOG prior to 1.5.10.1812 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient server-side parameter cleaning and the lack of HTML escaping in list tables,...

5.7CVSS5.7AI score0.00051EPSS

Exploits1References2

Positive Technologies•added 2026/03/27 12:0 a.m.•0 views

PT-2026-28520

Name of the Vulnerable Software and Affected Versions FOG versions prior to 1.5.10.1812 Description FOG, a free open-source cloning/imaging/rescue suite/inventory management system, contains a Stored Cross-Site Scripting XSS issue. This occurs due to insufficient server-side parameter sanitizatio...

5.7CVSS5.9AI score0.00051EPSS

Exploits1References6

RedHat Linux•added 2026/03/26 8:30 p.m.•2 views

fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation

A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle MITM attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in...

8.1CVSS7AI score0.00012EPSS

Exploits0References4

RedHat Linux•added 2026/03/26 8:28 p.m.•2 views

fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation

8.1CVSS7AI score0.00012EPSS

Exploits0References4

Snyk•added 2026/02/02 6:30 a.m.•1 views

Improper Certificate Validation

Overview fog-kubevirt is a This library can be used as a module for fog. Affected versions of this package are vulnerable to Improper Certificate Validation due to disabled certificate validation. An attacker can intercept and modify sensitive communications by performing a man-in-the-middle...

8.1CVSS5.5AI score0.00012EPSS

Exploits0References2

Github Security Blog•added 2026/02/02 6:30 a.m.•3 views

fog-kubevirt allows remote attacker to perform MITM attack due to disabled certificate validation

8.1CVSS5.4AI score0.00012EPSS

Exploits0References12Affected Software1

OSV•added 2026/02/02 6:30 a.m.•0 views

GHSA-M3HQ-3QJ8-C5FM fog-kubevirt allows remote attacker to perform MITM attack due to disabled certificate validation

8.1CVSS5.5AI score0.00012EPSS

Exploits0References12

NVD•added 2026/02/02 6:16 a.m.•4 views

CVE-2026-1530

8.1CVSS0.00012EPSS

Exploits0References4

Vulnrichment•added 2026/02/02 5:47 a.m.•1 views

CVE-2026-1530 Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation

8.1CVSS5.4AI score0.00012EPSS

Exploits0References4

EUVD•added 2026/02/02 5:47 a.m.•2 views

EUVD-2026-5118

8.1CVSS5.4AI score0.00012EPSS

Exploits0References2

CVE•added 2026/02/02 5:47 a.m.•9 views

CVE-2026-1530

The CVE concerns fog-kubevirt, where disabled certificate validation enables a remote MITM, allowing interception and possible modification of communications between Satellite and OpenShift, leading to information disclosure and data integrity compromise. The provided documents do not specify aff...

8.1CVSS5.8AI score0.00012EPSS

Exploits0References4

Cvelist•added 2026/02/02 5:47 a.m.•25 views

CVE-2026-1530 Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation

8.1CVSS0.00012EPSS

Exploits0References4

ATTACKERKB•added 2026/02/02 5:47 a.m.•3 views

CVE-2026-1530

8.1CVSS5.8AI score0.00012EPSS

Exploits0References5

Positive Technologies•added 2026/02/02 12:0 a.m.•1 views

PT-2026-5612

Name of the Vulnerable Software and Affected Versions fog-kubevirt affected versions not specified Description A flaw exists in fog-kubevirt that allows a remote attacker to conduct a Man-in-the-Middle MITM attack. This is due to disabled certificate validation, which enables the attacker to...

8.1CVSS5.5AI score0.00012EPSS

Exploits0References17

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by