CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/28 12:33 p.m.•1 views

CVE-2026-7309

4.3CVSS5.2AI score0.0003EPSS

Exploits0References3

CVE•added 2026/04/28 12:33 p.m.•10 views

CVE-2026-7309

OpenShift Container Platform build system vulnerability CVE-2026-7309 allows a user with the edit clusterrole to inject arbitrary environment variables (e.g., LD_PRELOAD, http_proxy) into docker-build containers via buildconfigs/instantiate, exposing confidentiality of build traffic. The issue is...

Exploits0References2Affected Software1

Cvelist•added 2026/04/28 12:33 p.m.•23 views

CVE-2026-7309 Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

4.3CVSS0.0003EPSS

ATTACKERKB•added 2026/04/28 12:33 p.m.•3 views

CVE-2026-7309

Vulnrichment•added 2026/04/28 12:33 p.m.•2 views

Exploits0References3

CVE-2026-7309 Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

EUVD•added 2026/04/28 12:33 p.m.•0 views

EUVD-2026-26043

CNNVD•added 2026/04/28 12:0 a.m.•3 views

Red Hat OpenShift Container Platform 代码问题漏洞

Red Hat OpenShift Container Platform is a platform developed by Red Hat Inc., which helps enterprises develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. There is a code vulnerability in Red Hat OpenShift Container Platform...

4.3CVSS6AI score0.0003EPSS

Positive Technologies•added 2026/04/28 12:0 a.m.•1 views

PT-2026-35719

Name of the Vulnerable Software and Affected Versions OpenShift Container Platform affected versions not specified Description A flaw in the build system allows a user with the edit ClusterRole to inject arbitrary environment variables, such as LD PRELOAD or http proxy, into docker-build...

4.3CVSS5.9AI score0.0003EPSS

Exploits0References5

EUVD•added 2026/03/24 9:31 p.m.•1 views

EUVD-2026-14956

An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time...

6.9CVSS5.9AI score0.0011EPSS

Debian CVE•added 2026/03/24 6:29 p.m.•2 views

CVE-2026-23923

An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time...

6.9CVSS5.6AI score0.0011EPSS

Exploits0

CVE•added 2026/03/24 6:29 p.m.•7 views

CVE-2026-23923

CVE-2026-23923 : An unauthenticated attacker can abuse the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. Impact depends on environment, but appears limited; CVSS 4.0 base vector lists MEDIUM severity (6.9). No concrete exploitation details or affected product/vendor are...

6.9CVSS5.9AI score0.0011EPSS

OSV•added 2026/02/01 12:1 a.m.•3 views

OSV-2026-169 Null-dereference READ in execute_post_instantiate_functions

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=479872443 Crash type: Null-dereference READ Crash state: executepostinstantiatefunctions wasminstantiate wasmruntimeinstantiate...

5.8AI score

OSV•added 2024/06/19 3:15 p.m.•0 views

UBUNTU-CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.1AI score0.00016EPSS

Exploits0References8

RedHat Linux•added 2024/04/30 9:57 a.m.•2 views

kernel: ovl: fix warning in ovl_create_real()

5.5CVSS6.4AI score0.00016EPSS

Exploits0References5

Positive Technologies•added 2023/08/25 12:0 a.m.•1 views

PT-2023-35972 · Git +1 · Harfbuzz

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several function calls, including OT::glyph variations t::create from glyp...

6.9AI score

Positive Technologies•added 2022/11/15 12:0 a.m.•1 views

PT-2022-36768 · Git +1 · Wasmtime

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash has been reported with a type of UNKNOWN WRITE. The crash state is related to the instantiate many function, specifically the...

7AI score

OSV•added 2022/11/08 1:2 p.m.•14 views

OSV-2022-1155 UNKNOWN WRITE in wasmtime_fuzzing::oracles::instantiate_many::h1a28dda90c13f877

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53102 Crash type: UNKNOWN WRITE Crash state: wasmtimefuzzing::oracles::instantiatemany::h1a28dda90c13f877 instantiatemany::::run::he4646225c064edb2...

7.2AI score

Positive Technologies•added 2022/11/08 12:0 a.m.•3 views

PT-2022-36755 · Git +1 · Wasmtime

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash reported by OSS-Fuzz, with a crash type of UNKNOWN WRITE. The crash occurs in the instantiate many function, specifically...

6.9AI score