Lucene search
+L

87 matches found

Fedora
Fedora
added 6 days ago6 views

[SECURITY] Fedora 44 Update: OpenImageIO-3.1.15.0-1.fc44

OpenImageIO is a library for reading and writing images, and a bunch of relat ed classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading a nd writing 2D images that is format agnostic. - Format plugins for TIFF,...

7.5CVSS7AI score0.00517EPSS
Exploits0
NVD
NVD
added 2026/07/05 11:16 a.m.10 views

CVE-2026-14738

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS0.00208EPSS
Exploits0References7
OSV
OSV
added 2026/07/05 10:15 a.m.3 views

CVE-2026-14738 exo-explore exo Vision Feature Cache vision.py _image_cache_key weak hash

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS5.2AI score0.00208EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/05 10:15 a.m.8 views

CVE-2026-14738

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS5.2AI score0.00208EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/07/05 10:15 a.m.6 views

EUVD-2026-41746

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS5.2AI score0.00208EPSS
Exploits0References7
CVE
CVE
added 2026/07/05 10:15 a.m.15 views

CVE-2026-14738

Technical details are not publicly available in the provided documents; monitor for updates.

6.3CVSS5.2AI score0.00208EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/05 10:15 a.m.31 views

CVE-2026-14738 exo-explore exo Vision Feature Cache vision.py _image_cache_key weak hash

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS0.00208EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.15 views

PT-2026-55786

Name of the Vulnerable Software and Affected Versions exo-explore exo versions prior to 1.0.72 Description A security flaw exists in the Vision Feature Cache component within the image cache key function of the src/exo/worker/engines/mlx/vision.py file. The issue involves the use of a weak hash,...

6.3CVSS5.8AI score0.00208EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/07/02 11:34 p.m.3 views

github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning

A flaw was found in containerd, an open-source container runtime. The CRI Container Runtime Interface checkpoint import process fails to validate image references within a checkpoint image's configuration. An attacker with permissions to create pods can exploit this by using a specially crafted...

9.9CVSS6.4AI score0.00354EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 7:16 p.m.7 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS0.00354EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/01 5:50 p.m.9 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/07/01 5:50 p.m.10 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
OSV
OSV
added 2026/07/01 5:50 p.m.3 views

CVE-2026-50195 containerd: CRI checkpoint import allows local image tag poisoning

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

5.6CVSS6.3AI score0.00354EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.17 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-128 (ALASECS-2026-128)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-128 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.9CVSS6.3AI score0.00412EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.29 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-113 (ALASNITRO-ENCLAVES-2026-113)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-113 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.9CVSS6.3AI score0.00412EPSS
Exploits0References12
Amazon
Amazon
added 2026/06/29 12:0 a.m.7 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.9CVSS6AI score0.00412EPSS
Exploits0
Amazon
Amazon
added 2026/06/29 12:0 a.m.5 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.9CVSS6AI score0.00412EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Ubuntu 25.10 / 26.04 LTS : containerd-stable vulnerabilities (USN-8473-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8473-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : containerd vulnerabilities (USN-8472-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8472-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibl...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 1:18 p.m.6 views

USN-8472-1 containerd-app vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.9CVSS6.4AI score0.00781EPSS
Exploits0References7
Rows per page
Query Builder