68 matches found
openSUSE 16 : Recommended update for gimp (SUSE-SU-openSUSE-RU-2026:20168-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-openSUSE-RU-2026:20168-1 advisory. Changes in gimp: - Update to 3.0.8 - Font Loading Performance - Improvements in start-up time for users with a large number of fonts was...
Information Disclosure
lxd is vulnerable to Information Disclosure. The vulnerability is due to improper validation in the image export API, where crafted requests using wildcard fingerprints allow unauthenticated network attackers to probe and determine whether projects exist...
ROS-20251117-04
A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...
ROS-20251117-05
A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...
GO-2025-4002 Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function in github.com/canonical/lxd...
Linux Distros Unpatched Vulnerability : CVE-2025-54290
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without...
EUVD-2016-10271
Malware in sbrugna...
EUVD-2015-5562
Malware in sbrugna...
CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
EUVD-2024-18644
Malicious code in bioql PyPI...
EUVD-2025-32095
Malicious code in bioql PyPI...
SUSE CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
GHSA-P3X5-MVMP-5F35 Canonical LXD Project Existence Determination Through Error Handling in Image Export Function
Impact In LXD's images export API /1.0/images/fingerprint/export, implementation differences in error handling allow determining project existence without authentication. Specifically, in the following code, errors when multiple images match are directly returned to users as API responses:...
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function
Impact In LXD's images export API /1.0/images/fingerprint/export, implementation differences in error handling allow determining project existence without authentication. Specifically, in the following code, errors when multiple images match are directly returned to users as API responses:...
CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
DEBIAN-CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
UBUNTU-CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
CVE-2025-54290
CVE-2025-54290 affects Canonical LXD before 6.5 and 5.21.4 on Linux. The vulnerability lies in the image export API, where error handling and LIKE wildcard matching can reveal project existence without authentication. An attacker can remotely determine whether a project exists by sending crafted ...
CVE-2025-54290 Project Existence Disclosure via Error Handling in LXD Image Export
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...