Lucene search
K

24 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.12 views

PT-2026-51611

Name of the Vulnerable Software and Affected Versions Anthropic Claude Desktop Cowork VM versions 1.1348.0 through 1.2278.0 Description The Cowork VM image handling process validates only the presence of the file and a version marker string before booting rootfs.img, failing to verify the integri...

8.7CVSS6.4AI score0.00103EPSS
Exploits1References8
OSV
OSV
added 2026/04/14 11:16 p.m.4 views

UBUNTU-CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...

8.8CVSS6.1AI score0.00607EPSS
Exploits0References4
CVE
CVE
added 2026/04/14 10:42 p.m.14 views

CVE-2026-33414

Summary: CVE-2026-33414 affects Podman

8.8CVSS6.1AI score0.00607EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/04/14 10:30 p.m.4 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the Resize-VHD PowerShell command construction process. An attacker can execute arbitrary PowerShell commands with the privileges of the affected process by supplying a crafted VM image path containing malicious...

8.8CVSS6AI score0.00607EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2025:0606)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0606 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.3CVSS6.3AI score0.00397EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-3395

Malware in sbrugna...

2.1CVSS6.4AI score0.00353EPSS
Exploits0References7
NVD
NVD
added 2025/09/24 4:15 p.m.6 views

CVE-2025-27032

memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency...

7.8CVSS0.00072EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-9594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process when usi...

8.1CVSS7.3AI score0.01641EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/02/14 6:42 p.m.15 views

New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image AMI with a specific name to gain code execution within the Amazon Web Services AWS account. "If executed at scale, this attack could be used to gain...

7.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.5 views

PT-2024-12420 · Qualcomm · Snapdragon +141

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs while loading a VM from a signed VM image that is not coherent in the processor cache. This is a...

8.4CVSS7.2AI score0.00078EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/02/03 12:0 a.m.8 views

Tenable Network Security Nessus Trust Management Issues Vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. Tenable Network Security Nessus AMI has a security vulnerability that can be exploited by attackers to play the role of a man-in-the-middle on Nessus AMI...

5.9CVSS6.2AI score0.00515EPSS
Exploits0References4
OSV
OSV
added 2019/08/23 9:15 p.m.5 views

CVE-2019-6695

Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods...

9.8CVSS7.3AI score0.0077EPSS
Exploits0References1
OSV
OSV
added 2019/08/08 8:15 a.m.5 views

CVE-2019-1946

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementatio...

6.5CVSS6.7AI score0.01443EPSS
Exploits0References1
NVD
NVD
added 2019/08/08 8:15 a.m.22 views

CVE-2019-1946

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementatio...

6.5CVSS6.7AI score0.01443EPSS
Exploits0References1
Prion
Prion
added 2019/08/08 8:15 a.m.25 views

Authentication flaw

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementatio...

6.4CVSS6.6AI score0.01443EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/08 7:20 a.m.17 views

CVE-2019-1946 Cisco Enterprise NFV Infrastructure Software Web-Based Management Interface Authentication Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and get limited access to the web-based management interface. The vulnerability is due to an incorrect implementatio...

6.5CVSS6.7AI score0.01443EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/19 12:0 a.m.2 views

Cisco FindIT Network Manager Static Credentials Vulnerability

Cisco FindIT Network Manager is a network management tool for deploying and maintaining Cisco 100 to 500 series switches, routers, and wireless access points. A static credentials vulnerability exists in the virtual machine VM image of Cisco FindIT Network Manager 1.1.4. The vulnerability stems...

8.4CVSS7AI score0.00322EPSS
Exploits0References1
Prion
Prion
added 2018/08/25 12:29 a.m.13 views

Code injection

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

5CVSS5.3AI score0.01801EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/08/25 12:29 a.m.5 views

UBUNTU-CVE-2018-15869

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

5.3CVSS6.4AI score0.01801EPSS
Exploits0References4
OSV
OSV
added 2018/08/25 12:29 a.m.2 views

DEBIAN-CVE-2018-15869

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

5.3CVSS6.9AI score0.01801EPSS
Exploits0References1
Rows per page
Query Builder