Lucene search
+L

7 matches found

OSV
OSV
added 2026/07/01 12:2 a.m.2 views

CVE-2026-41579 runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions prior to 1.3.6, 1.4.0-rc.1, 1.4.0-rc.12, 1.5.0-rc.1, and 1.5.0-rc.1, when setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join strin...

3.3CVSS6AI score0.00222EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:10 p.m.7 views

CVE-2026-54889

Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':todelta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':defaultconvertnode/3 in...

5.1CVSS5.7AI score0.0031EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/29 7:10 p.m.5 views

EEF-CVE-2026-54889 Unsanitized URL schemes in MDEx Quill Delta output allow javascript: injection (XSS)

Summary Improper Neutralization of Input During Web Page Generation XSS vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':to\delta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':default\convert\node/3...

5.1CVSS5.7AI score0.0031EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.17 views

PT-2026-41765

Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description When handling 'PUT /containers/id/archive' requests with compressed archives, the daemon decompresses them using external system binaries. Due to incorrect operation ordering, these binaries a...

7.5CVSS6.3AI score0.00153EPSS
Exploits0References52
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.9 views

NewStart CGSL MAIN 6.06 (SP) : cloud-init Multiple Vulnerabilities (NS-SA-2026-0026)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys. In some...

7.1CVSS5.9AI score0.00438EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.5 views

libnbd 代码问题漏洞

libnbd is a library for editing NBD Network Block Device clients. A code issue vulnerability exists in libnbd that stems from the product's copy tool, nbdcopy, blindly treating the completion of an asynchronous command as a success without checking the resultant error parameter when performing a...

4.8CVSS6.7AI score0.00788EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2012/06/04 12:0 a.m.2 views

PT-2012-1203 · Document Foundation +4 · Libreoffice +5

Name of the Vulnerable Software and Affected Versions: LibreOffice versions prior to 3.5.3 OpenOffice.org versions 3.3, 3.4 Beta, and possibly earlier Description: The issue is related to errors in number processing in the vclmi.dll component of the OpenOffice.org module in LibreOffice...

10CVSS7.2AI score0.13734EPSS
Exploits2References43
Rows per page
Query Builder