Lucene search
K

1029 matches found

RedHat Linux
RedHat Linux
added 5 days ago7 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1.P1 for Spring Boot release.

Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot patch release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.4AI score0.00969EPSS
Exploits6References33
OSV
OSV
added 2026/07/02 5:13 p.m.7 views

GHSA-4M3V-Q747-PC6H OpenClaw: Mattermost slash token revocation could lag until monitor refresh

Summary Mattermost slash token revocation could lag until monitor refresh. In affected versions, a caller with an old Mattermost slash token during the refresh window could continue accepting the old token until the monitor refreshed. This advisory is scoped to the named feature and configuration...

6.3CVSS6AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 4:58 p.m.3 views

GHSA-P39J-X9H5-Q66M OpenClaw: Embedded runner policy could be confused by provider aliases

Summary Embedded runner policy could be confused by provider aliases. In affected versions, a request using provider aliases could compare policy against an alias instead of the canonical provider identity. This advisory is scoped to the named feature and configuration. It does not change...

4.8CVSS5.9AI score0.00093EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53972

Name of the Vulnerable Software and Affected Versions coturn versions prior to 4.13.0 Description An authenticated TURN client can bypass the default loopback guard by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 within a TURN XOR-PEER-ADDRESS attribute. This occurs because the ioa ad...

7.4CVSS6.1AI score0.00287EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-414 misp-modules website - Missing CSRF protection in the website home blueprint

A Cross-Site Request Forgery vulnerability in the MISP Modules website allowed an attacker to cause an authenticated user to submit unintended requests to the home endpoint. The vulnerability was due to the home blueprint being exempted from CSRF protection. This could allow modification of sessi...

9.3CVSS5.8AI score0.00185EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 2:16 p.m.7 views

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS0.00175EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 2:16 p.m.4 views

UBUNTU-CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 1:16 p.m.8 views

EUVD-2026-39388

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS5.8AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:16 p.m.9 views

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 1:16 p.m.6 views

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS5.8AI score0.00175EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in OpenSSH

There is a vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The use of sshpktdisconnect on an error condition, which does n...

8.2CVSS7AI score0.0218EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: An alert is added in trytofreebuffers for folios without buffers. trytofreebuffers can be called on folios with no buffers attached when filemapreleasefolio is invoked on a folio that belongs to a mapping, and...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 2:34 p.m.5 views

OPENSUSE-SU-2026:21019-1 Security update for rpcbind

This update for rpcbind fixes the following issues - Update to rpcbind 1.2.9 bsc1267212 https://lore.kernel.org/linux-nfs/[email protected]/ rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist rpcbind: Stop unauthenticated oversized allocation in PMAPPROCCALLIT...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/22 2:34 p.m.2 views

SUSE-SU-2026:22259-1 Security update for rpcbind

This update for rpcbind fixes the following issues - Update to rpcbind 1.2.9 bsc1267212 https://lore.kernel.org/linux-nfs/[email protected]/ rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist rpcbind: Stop unauthenticated oversized allocation in PMAPPROCCALLIT...

6AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/22 1:54 p.m.7 views

CVE-2026-47210

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This sandbox escape vulnerability allows an attacker to execute arbitrary code in the host process. This occurs when untrusted code is executed with asynchronous async support on runtimes that expose WebAssembly...

9.8CVSS6.1AI score0.00507EPSS
Exploits0References6
OSV
OSV
added 2026/06/18 8:13 p.m.5 views

GHSA-FCVX-5CXC-V5P8 OpenClaw: Slack reaction events could ignore reaction notification settings

Summary Slack reaction events could ignore reaction notification settings. In affected versions, a Slack reaction event delivered to the configured app could enter the agent pipeline even when reaction notifications were disabled. This advisory is scoped to the named feature and configuration. It...

6.3CVSS5.6AI score0.00191EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 1:4 p.m.13 views

GHSA-985F-72MJ-8GF7 OpenClaw: Tool group policy callers could accept unvalidated group IDs

Summary Tool group policy callers could accept unvalidated group IDs. In affected versions, a caller that can supply a group id to the affected policy resolver could resolve policy for an unvalidated group id. This advisory is scoped to the named feature and configuration. It does not change...

6CVSS5.6AI score0.00169EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/17 6:35 p.m.12 views

OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.3AI score0.0019EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/17 3:17 p.m.12 views

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS0.0019EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 2:12 p.m.10 views

EUVD-2026-37723

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

6CVSS5.4AI score0.0019EPSS
Exploits0References2
Rows per page
Query Builder