Lucene search
K

2107 matches found

OSV
OSV
added 2026/07/02 9:47 a.m.2 views

OPENSUSE-SU-2026:21213-1 Security update for containerd

This update for containerd fixes the following issues Update to 1.7.33: - CVE-2024-25621: overly broad default permission vulnerability bsc1253126. - CVE-2025-64329: goroutine leaks can lead to memory exhaustion on the host bsc1253132. - CVE-2026-33186: google.golang.org/grpc: authorization bypas...

9.6CVSS6.8AI score0.01557EPSS
Exploits3References20
Cvelist
Cvelist
added 2026/07/01 8:47 p.m.32 views

CVE-2026-54074 @tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to-Tina migration command. The internal helper addVariablesToCode unquotes any value matching the marker "TINAINTERNAL:::.?:::" inside the stringified...

7.8CVSS0.0017EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 3:17 p.m.8 views

CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in fgetlabel because exFAT label length XDIRNumLabel is trusted without enforcing spec maximums. This maps to CWE-121 Stack-based Buffer Overflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 7.6, High. The estimate...

7.6CVSS0.00232EPSS
Exploits2References4
CVE
CVE
added 2026/07/01 1:57 p.m.37 views

CVE-2026-6687

CVE-2026-6687 affects FatFs R0.16 and earlier. Root cause: f_getlabel() trusts exFAT label length (XDIR_NumLabel) beyond the spec maximums, causing a stack-based buffer overflow (CWE-121). Documented impact per CVSS: high for confidentiality, integrity, and availability. Exploitation status is no...

7.6CVSS5.8AI score0.00232EPSS
Exploits2References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:57 p.m.4 views

CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in fgetlabel because exFAT label length XDIRNumLabel is trusted without enforcing spec maximums. This maps to CWE-121 Stack-based Buffer Overflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 7.6, High. The estimate...

7.6CVSS5.8AI score0.00232EPSS
Exploits2References5
EUVD
EUVD
added 2026/07/01 1:57 p.m.7 views

EUVD-2026-40999

FatFs R0.16 and earlier contains a stack overflow bug in fgetlabel because exFAT label length XDIRNumLabel is trusted without enforcing spec maximums. This maps to CWE-121 Stack-based Buffer Overflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 7.6, High. The estimate...

7.6CVSS5.8AI score0.00232EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/07/01 4:12 a.m.7 views

CVE-2026-13484

A flaw was found in MLflow. This vulnerability, located in the Experiment-scoped Label Schema CRUD API, allows a remote attacker to exploit missing authorization. This could lead to unauthorized access or manipulation of data within the affected component. The attack has a high complexity, making...

8.8CVSS5.8AI score0.00263EPSS
Exploits1References10
NVD
NVD
added 2026/07/01 2:17 a.m.7 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS0.00203EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/07/01 12:11 a.m.6 views

CVE-2026-53488

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 the CRI plugin propagates labels from an image config LABEL instruction in Dockerfile to a container without validation. This may result in executing an arbitrary command on the host, via ...

9.4CVSS5.9AI score0.00203EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54929

Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description A stack-based buffer overflow occurs in the f getlabel function. This issue arises because the exFAT label length XDIR NumLabel is trusted without enforcing the maximum limits defined by the...

7.6CVSS6.4AI score0.00232EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.14 views

PT-2026-54763

Name of the Vulnerable Software and Affected Versions Rancher Fleet affected versions not specified Description An authentication bypass exists in the webhook component. Additionally, a Pod Security Standard PSS bypass can be achieved through the manipulation of namespace labels. Recommendations ...

8.8CVSS5.7AI score0.00508EPSS
Exploits0References10
OSV
OSV
added 2026/06/30 11:41 a.m.2 views

SUSE-SU-2026:22456-1 Security update for docker

This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...

9.6CVSS6.6AI score0.00781EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

AlmaLinux 10 : git-lfs (ALSA-2026:30855)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30855 advisory. golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 Tenable has extracted the...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/29 6:26 p.m.7 views

golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname for example, xn--example-.com returns example.com instead of an error. Applications that validate the ASCII form then convert to Unicode may grant acce...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/29 2:45 a.m.4 views

golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname for example, xn--example-.com returns example.com instead of an error. Applications that validate the ASCII form then convert to Unicode may grant acce...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

AlmaLinux 8 : git-lfs (ALSA-2026:30853)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30853 advisory. golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 Tenable has extracted the...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

ALSA-2026:30854 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycod...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 12:0 a.m.4 views

ALSA-2026:30853 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycod...

9.6CVSS5.8AI score0.00478EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

RHEL 8 : git-lfs (RHSA-2026:30853)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30853 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References4
NVD
NVD
added 2026/06/28 10:16 p.m.9 views

CVE-2026-13507

A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...

5CVSS0.00138EPSS
Exploits0References7
Rows per page
Query Builder