Lucene search
K

249 matches found

Cvelist
Cvelist
added 2026/04/17 9:4 p.m.23 views

CVE-2026-40304 zrok's broken ownership check in DELETE /api/v2/unaccess allows non-admin to delete global frontend records

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler controller/unaccess.go contains a logical error in its ownership guard: when a frontend record has environmentid = NULL the marker for admin-created global frontends, the conditio...

5.3CVSS0.00286EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/17 9:4 p.m.3 views

CVE-2026-40304

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler controller/unaccess.go contains a logical error in its ownership guard: when a frontend record has environmentid = NULL the marker for admin-created global frontends, the conditio...

5.3CVSS5.7AI score0.00286EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007325 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw Tenable has extracted the preceding description block...

5.9AI score0.00248EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 9:9 p.m.4 views

GHSA-3JPJ-V3XR-5H6G zrok: Broken ownership check in DELETE /api/v2/unaccess allows non-admin to delete global frontend records

Summary The unaccess handler controller/unaccess.go contains a logical error in its ownership guard: when a frontend record has environmentid = NULL the marker for admin-created global frontends, the condition short-circuits to false and allows the deletion to proceed without any ownership...

5.3CVSS5.8AI score0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006824)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006824 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a...

7.8CVSS6.7AI score0.0033EPSS
Exploits0References4
Redos
Redos
added 2026/03/30 12:0 a.m.7 views

ROS-20260330-73-0002

A vulnerability in the media/dvb-frontends/dib7000p.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS5.9AI score0.0016EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

BuildKit 路径遍历漏洞

BuildKit is a concurrent, cache-efficient build tool package developed by Moby. Versions of BuildKit prior to 0.28.1 contained a path traversal vulnerability. This vulnerability stemmed from the possibility of custom BuildKit frontends constructing API messages, which could lead to file writing...

9.8CVSS6AI score0.00498EPSS
Exploits0References3
Fedora
Fedora
added 2026/02/04 2:11 a.m.7 views

[SECURITY] Fedora 43 Update: rust-sequoia-sq-1.3.1-9.fc43

Command-line frontends for Sequoia...

5.3CVSS5.2AI score0.00297EPSS
Exploits0
Fedora
Fedora
added 2026/02/04 2:5 a.m.8 views

[SECURITY] Fedora 42 Update: rust-sequoia-sq-1.3.1-9.fc42

Command-line frontends for Sequoia...

5.3CVSS5.2AI score0.00297EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27075)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27075 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stac...

7.8CVSS5.3AI score0.0033EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-56769)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56769 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix...

5.5CVSS5.5AI score0.00212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.25 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

7.8CVSS7.3AI score0.00331EPSS
Exploits2References110
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.13 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

7.8CVSS7.3AI score0.00331EPSS
Exploits2References110
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001708)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001708 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

7CVSS6.6AI score0.00359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001713 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

7CVSS6.6AI score0.00359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001758)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001758 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...

7.1CVSS6.4AI score0.00325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001684)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001684 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

7CVSS6.6AI score0.00359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001681 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...

7CVSS6.6AI score0.00359EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.15 views

Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23040)

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.5AI score0.00359EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.7 views

GRR 4.0.0.0

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR...

7AI score
Exploits0
Rows per page
Query Builder