Lucene search
K

325 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/04 1:23 a.m.11 views

CVE-2025-71367

picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...

8.1CVSS6.3AI score0.00445EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/23 9:24 p.m.19 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object...

6.9CVSS6AI score0.00282EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 9:24 p.m.4 views

GHSA-9FXM-VC8V-HJ55 jackson-databind's renamed @JsonIgnore'd setters can deserialize via private fields

Summary POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed rather than dropped. With MapperFeature.INFERPROPERTYMUTATORS enabled default, the private backing field is retained; during deserialization...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References6
OSV
OSV
added 2026/06/22 7:29 p.m.4 views

GO-2026-5058 HashiCorp's go-getter library may allow arbitrary file reads in github.com/hashicorp/go-getter

HashiCorp's go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This is fixed in go-getter v1.8.6. This vulnerability does not affect the go-getter/v2 branch and package...

7.5CVSS5.9AI score0.00583EPSS
Exploits1References2
OSV
OSV
added 2026/06/19 4:35 p.m.34 views

GHSA-Q7J3-V8QV-22VQ OpenTofu: Possible arbitrary file read during certain git operations via a maliciously crafted URL

Impact Possible data exposure. Summary While downloading packages from a maliciously crafted URL, some git operations against that URL could allow arbitrary file read. This might allow disclosure of confidential information. Details OpenTofu relies on go-getter for downloading packages like...

7.5CVSS6AI score
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/06/19 4:35 p.m.9 views

OpenTofu: Possible arbitrary file read during certain git operations via a maliciously crafted URL

Impact Possible data exposure. Summary While downloading packages from a maliciously crafted URL, some git operations against that URL could allow arbitrary file read. This might allow disclosure of confidential information. Details OpenTofu relies on go-getter for downloading packages like...

7.5CVSS6AI score0.00583EPSS
Exploits1References9Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.11 views

SUSE CVE-2026-45904

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

5.8AI score0.00156EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45904

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

5.5CVSS0.00156EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 12:17 p.m.1 views

CVE-2026-45904 powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

5.5CVSS6AI score0.00156EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/05/19 3:53 p.m.9 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 3:53 p.m.13 views

EUVD-2026-30957

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS5.8AI score0.00482EPSS
Exploits0References1
Veracode
Veracode
added 2026/05/16 5:24 a.m.4 views

Arbitrary File Read

go-getter is vulnerable to Arbitrary File Read. The vulnerability is due to improper validation of maliciously crafted Git URLs during certain Git operations, where specially crafted URLs can access unintended file system paths, allowing attackers to read arbitrary files on the host system...

7.5CVSS6.1AI score0.00583EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/05/16 12:29 a.m.7 views

CLSA-2026-1778891359 libpng: Fix of CVE-2026-34757

CVE-2026-34757: use-after-free in pngsetPLTE, pngsettRNS, pngsethIST, pngsettext, pngsetsPLT and pngsetunknownchunks when the caller passes the pointer returned by the corresponding getter back to the setter...

5.1CVSS5.8AI score0.00195EPSS
Exploits1References1
OSV
OSV
added 2026/05/14 11:59 a.m.11 views

JLSEC-2026-498

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS5.9AI score0.00195EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/05/13 8:4 a.m.10 views

CVE-2026-41050 Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their GitRepo...

9.9CVSS5.9AI score0.00379EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 7:0 a.m.19 views

MGASA-2026-0129 Updated apache packages fix security vulnerabilities

http2: double free and possible RCE on early reset. CVE-2026-23918 modrewrite elevation of privileges via apexpr. CVE-2026-24072 buffer overflow in modproxyajp via ajpmsgcheckheader. CVE-2026-28780 modmd unrestricted OCSP response. CVE-2026-29168 moddavlock indirect lock crash. CVE-2026-29169...

9.8CVSS6.1AI score0.4581EPSS
Exploits18References16
Github Security Blog
Github Security Blog
added 2026/05/08 3:58 p.m.10 views

vm2 has sandbox breakout via `neutralizeArraySpeciesBatch`

Summary VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The new method neutralizeArraySpeciesBatch works with objects from the other side but can call into this...

9.8CVSS6.4AI score0.00851EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.21 views

PT-2026-39191

Name of the Vulnerable Software and Affected Versions VM2 affected versions not specified Description A sandbox breakout allows attackers to execute arbitrary commands on the host system. The issue occurs because the neutralizeArraySpeciesBatch function interacts with objects from an external...

10CVSS6.5AI score0.00851EPSS
Exploits1References14
Vulnrichment
Vulnrichment
added 2026/05/07 5:6 a.m.7 views

CVE-2026-41139 Unsafe array index getter in mathjs

Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0...

8.8CVSS7.3AI score0.00577EPSS
Exploits0References5
OSV
OSV
added 2026/05/07 5:6 a.m.5 views

CVE-2026-41139 Unsafe array index getter in mathjs

Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0...

8.8CVSS7.2AI score0.00577EPSS
Exploits0References10
Rows per page
Query Builder