Lucene search
K

119 matches found

OSV
OSV
added 2026/06/25 3:31 p.m.4 views

OPENSUSE-RU-2026:21160-1 Recommended update for dnscrypt-proxy

This update for dnscrypt-proxy fixes the following issues: Changes in dnscrypt-proxy: - Update to version 2.1.16 The "tlsciphersuite" option is now a no-op. Modern TLS stacks no longer expose cipher suite selection in a meaningful way, and the option had become misleading A log size of 0 no longe...

9.1CVSS6.6AI score0.01557EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/05/13 3:55 p.m.32 views

CVE-2025-32425 AutoGPT has missing Docker log rotation on platform containers that allows host disk-exhaustion DoS

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...

5.1CVSS0.00182EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/13 3:55 p.m.6 views

CVE-2025-32425 AutoGPT has missing Docker log rotation on platform containers that allows host disk-exhaustion DoS

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...

5.1CVSS5.9AI score0.00182EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/06 8:20 a.m.11 views

CVE-2026-7791

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 12:30 a.m.25 views

EUVD-2026-27149

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 10:16 p.m.32 views

CVE-2026-7791

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 10:7 p.m.18 views

CVE-2026-7791

CVE-2026-7791 concerns the Skylight Workspace Config Service in Amazon WorkSpaces for Windows prior to version 2.6.2034.0 . A flaw in log rotation privilege management lets a local non-admin authenticated user place arbitrary files in arbitrary locations, bypassing file system permissions and ena...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 10:7 p.m.6 views

CVE-2026-7791

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/04 10:7 p.m.9 views

CVE-2026-7791

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 10:7 p.m.56 views

CVE-2026-7791

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

8.5CVSS0.00122EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.16 views

PT-2026-36929

Name of the Vulnerable Software and Affected Versions Amazon WorkSpaces for Windows versions prior to 2.6.2034.0 Description Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service allows a local non-admin authenticated user to place arbitrary files in...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

Amazon WorkSpaces 安全漏洞

Amazon WorkSpaces is a fully managed, persistent desktop virtualization service provided by Amazon, Inc. It allows your users to access the data, applications, and resources they need from any supported device, at any time. Versions of Amazon WorkSpaces prior to 2.6.2034.0 contained a security...

8.5CVSS5.9AI score0.00122EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/31 10:58 p.m.4 views

CVE-2026-33029

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

6.9CVSS5.8AI score0.00948EPSS
Exploits1References1
OSV
OSV
added 2026/03/25 10:10 a.m.3 views

SUSE-SU-2026:1010-1 Security update 5.0.7 for Multi-Linux Manager Server

This update fixes the following issues: branch-network-formula: - Update to version 1.1.0 Enable containers on SLE15SP7 Exclude podman interfaces from sysctl setting cobbler: - Compatibility fixes for tftpboot directory setup inter-server-sync: - Version 0.3.10-0 Write log to a rotated file witho...

7.5CVSS7.1AI score0.00244EPSS
Exploits1References43
RedhatCVE
RedhatCVE
added 2026/01/09 9:4 a.m.13 views

CVE-2024-39876

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. Affected applications do not properly handle log rotation. This could allow an unauthenticated remote attacker to cause a denial of service condition through resource exhaustion on the device...

5.3CVSS7AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2025/10/27 1:11 p.m.4 views

SUSE-SU-2025:3809-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 - fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091...

6.7CVSS5.8AI score0.00194EPSS
Exploits1References4
NVD
NVD
added 2025/10/07 8:15 p.m.6 views

CVE-2025-11462

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a...

9.3CVSS0.00212EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/07 7:44 p.m.9 views

CVE-2025-11462 Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a...

9.3CVSS0.00212EPSS
Exploits0References2
CVE
CVE
added 2025/10/07 7:44 p.m.13 views

CVE-2025-11462

CVE-2025-11462 affects AWS VPN Client for macOS, versions 1.3.2–5.2.0. Improper validation of the log destination directory during log rotation allows a local user to create a symlink from a client log file to a privileged location, enabling code execution with root privileges if crafted API call...

9.3CVSS7.3AI score0.00212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 7:44 p.m.7 views

EUVD-2025-32891

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2- 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a...

9.3CVSS7.2AI score0.00212EPSS
Exploits0References2
Rows per page
Query Builder