22 matches found
CVE-2026-50195
containerd is an open-source container runtime. Versions prior to 2.3...
CVE-2026-50195
containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...
GO-2026-5338 containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd
containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd...
GHSA-CVXM-645Q-P574 containerd: CRI checkpoint import allows local image tag poisoning
Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd to pull a malicious...
Linux Distros Unpatched Vulnerability : CVE-2026-48845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private...
CVE-2026-0049
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0049
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0049
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-456471290
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-30698
Name of the Vulnerable Software and Affected Versions Apache HTTP Server affected versions not specified Description A persistent denial of service can occur due to resource exhaustion in the LocalImageResolver.java component. This could lead to a local denial of service without requiring...
ASB-A-444671303
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48631
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48631
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48631
CVE-2025-48631 affects Google Android (LocalImageResolver.java: onHeaderDecoded). The issue is a DoS caused by resource exhaustion, enabling remote denial of service with network access and no user interaction. Connected advisories confirm updates in Android and Samsung devices as fixes; patch le...
CVE-2025-48631
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48631
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Arbitrary File Upload
Overview podcastfy is an An Open Source alternative to NotebookLM's podcast feature: Transforming Multimodal Content into Captivating Multilingual Audio Conversations with GenAI Affected versions of this package are vulnerable to Arbitrary File Upload through allowing image loading from local pat...
CVE-2024-20854
Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image data...
PT-2023-27265 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a confused deputy in the verifyShortcutInfoPackage function of ShortcutService.java. This could lead to local information disclosure, allowing an attacker to see...
WordPress plugin EXMAGE 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in the...