Lucene search
K

122 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/04 12:0 a.m.6 views

Grafana 10.4.x < 10.4.9 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is 10.3.x earlier than 10.3.10, or 10.4.x earlier than 10.4.9, or 11.0.x earlier than 11.0.5, or 11.1.x earlier than 11.1.6, or 11.2.x earlier than 11.2.1. It is, therefore, affected by multiple vulnerabilities:...

9.9CVSS7.9AI score0.97781EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
added 2025/06/04 12:0 a.m.3 views

Grafana 10.3.x < 10.3.10 Multiple Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is 10.3.x earlier than 10.3.10, or 10.4.x earlier than 10.4.9, or 11.0.x earlier than 11.0.5, or 11.1.x earlier than 11.1.6, or 11.2.x earlier than 11.2.1. It is, therefore, affected by multiple vulnerabilities:...

9.9CVSS7.9AI score0.97781EPSS
Exploits10References4
RedhatCVE
RedhatCVE
added 2025/05/15 3:17 p.m.8 views

CVE-2024-35281

An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...

2.5CVSS6.9AI score0.00119EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:40 a.m.73 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix1 Vulnerability Details CVEID:CVE-2025-1974 DESCRIPTION: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve...

9.8CVSS9.8AI score0.99098EPSS
Exploits26Affected Software1
Veracode
Veracode
added 2025/04/25 8:47 a.m.7 views

Unintended Scope Exposure

SES is vulnerable to unintended scope exposure. The vulnerability is due to improper isolation due to top-level let, const, or class bindings in...

8.7CVSS6.6AI score0.005EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/04/04 7:15 a.m.3 views

CVE-2025-3086

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

7.1CVSS5.4AI score0.00392EPSS
Exploits0References3
Snyk
Snyk
added 2025/03/24 11:43 p.m.8 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the Validating Admission Controller feature. An attacker with access to the pod network can execute code, which allows them to access stored secrets. By default, the controller can access al...

9.8CVSS7.4AI score0.99098EPSS
Exploits20References2
Snyk
Snyk
added 2025/03/24 11:43 p.m.4 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the Validating Admission Controller feature. An attacker with access to the pod network can execute code, which allows them to access stored secrets. By default, the controller can access al...

9.8CVSS7.4AI score0.99098EPSS
Exploits20References2
Snyk
Snyk
added 2025/03/24 10:0 p.m.6 views

Improper Isolation or Compartmentalization

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization that allows an attacker who can convince a user to follow a...

8.3CVSS7.5AI score0.08404EPSS
Exploits6References2
Snyk
Snyk
added 2025/03/24 10:0 p.m.10 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization that allows an attacker who can convince a user to follow a malicious link to escape sandbox protections, due to a logic error in the Mojo component. This vulnerability does not enable code...

8.3CVSS7.6AI score0.08404EPSS
Exploits6References2
Snyk
Snyk
added 2025/03/24 10:0 p.m.8 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization that allows an attacker who can convince a user to follow a malicious link to escape sandbox protections, due to a logic error in the Mojo component. This vulnerability does not enable code...

8.3CVSS7.6AI score0.08404EPSS
Exploits6References2
VulnCheck KEV
VulnCheck KEV
added 2025/03/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-21590

Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code...

6.7CVSS5.9AI score0.01657EPSS
Exploits0References1
OSV
OSV
added 2025/03/11 6:32 p.m.4 views

GHSA-GPRR-V9F2-PX3C Azure PromptFlow remote code execution related to Jinja templates

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

6.5CVSS6AI score0.00492EPSS
Exploits0References5
Snyk
Snyk
added 2025/03/11 6:32 p.m.1 views

Improper Isolation or Compartmentalization

Overview promptflow-core is a Prompt flow core Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper isolation or compartmentalization in the handling of Jinja templates. Remediation Upgrade promptflow-core to version 1.17.2 or higher...

6.9CVSS8.5AI score0.00492EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/11 6:32 p.m.3 views

Improper Isolation or Compartmentalization

Overview promptflow-tools is a Prompt flow built-in tools Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper isolation or compartmentalization in the handling of Jinja templates. Remediation Upgrade promptflow-tools to version 1.6.0 or...

6.9CVSS6.9AI score0.00492EPSS
Exploits0References2
OSV
OSV
added 2025/03/11 5:16 p.m.8 views

CVE-2025-24986

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

6.5CVSS5.9AI score0.00492EPSS
Exploits0References1
Amazon
Amazon
added 2025/03/06 12:0 a.m.6 views

Important: libnvidia-container

Issue Overview: NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges,...

8.4CVSS7.3AI score0.01088EPSS
Exploits0
Amazon
Amazon
added 2025/03/06 12:0 a.m.7 views

Important: nvidia-container-toolkit

Issue Overview: NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges,...

8.4CVSS7.3AI score0.01088EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/01/28 4:54 a.m.9 views

CVE-2024-0137

NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code running in the host’s network namespace. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successfu...

5.5CVSS7.2AI score0.00318EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/01/28 4:54 a.m.10 views

CVE-2024-0135

An improper isolation vulnerability was found in the NVIDIA Container Toolkit, where a specially crafted container image could lead to modification of a host binary. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information...

7.6CVSS7.2AI score0.01088EPSS
Exploits0References4
Rows per page
Query Builder