Lucene search
+L

175 matches found

vulnersOsv
vulnersOsv
added 2026/02/03 3:49 p.m.7 views

arches (=8.0.0a1), django-accounts-api (=1.2.5) +24 more potentially affected by CVE-2026-1312 via django (>=6.0.0 <=6.0.1)

django PYPI version =6.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =0.20.4, =0.22.1 and more Source cves: CVE-2026-1312 Source advisory: SNYK:PYTHON-DJANGO-15198931...

8.5CVSS7.2AI score0.00802EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.5 views

arches (=8.0.0a1), django-accounts-api (=1.2.5) +24 more potentially affected by CVE-2026-1285 via django (>=6.0.0 <=6.0.1)

django PYPI version =6.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =0.20.4, =0.22.1 and more Source cves: CVE-2026-1285 Source advisory: OSV:GHSA-4RRR-2H4V-F3J9...

7.5CVSS7AI score0.00993EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.6 views

WordPress Plugin The Events Calendar has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.4CVSS5.8AI score0.00188EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/19 8:55 p.m.6 views

EUVD-2026-3283

OnboardLite is a comprehensive membership lifecycle platform built for student organizations at the University of Central Florida. Versions of the software prior to commit 1d32081a66f21bcf41df1ecb672490b13f6e429f have a stored cross-site scripting vulnerability that can be rendered to an admin wh...

7.3CVSS5.1AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : ipa-3.0.0-26.2.0.1.AXS4 (AXSA:2013-421:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-421:02 advisory. IPA is an integrated solution to provide centrally managed Identity machine, user, virtual machines, groups, authentication credentials, Policy configuration...

4.3CVSS5.7AI score0.01189EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/01/14 12:25 a.m.5 views

SUSE CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

5.5CVSS6.3AI score0.0012EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-6170

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s hugetlb subsystem contains an issue where hugetlb pmd shared did not correctly detect shared PMD tables. This occurred because the code switched to using an independen...

5.5CVSS5.5AI score0.0012EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/12/18 12:10 p.m.3 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...

7.8CVSS6.9AI score0.00407EPSS
Exploits0References22
Spring Security Advisories
Spring Security Advisories
added 2025/12/09 12:0 a.m.17 views

This Week in Spring - December 9th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! I am in lovely New Jersey, the Garden State , as I write this and I spent most of the last week in New Orleans. It's been a busy week in the Spring community and beyond and so you know what that means? There's a ton of stuff ...

6.8AI score
Exploits0
Fedora
Fedora
added 2025/11/29 5:8 p.m.8 views

[SECURITY] Fedora 42 Update: migrate-4.19.0-1.fc42

Go database migrations library and program. This package is built with the following databases backends: cassandra cockroachdb mongodb mysql postgres redshift sqlite3 sqlite This package is built with the following source backends: github gitlab go-bindata godoc-vfs gcs iofs pkger s3...

7.5CVSS7.2AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2025/11/29 4:49 p.m.10 views

[SECURITY] Fedora 43 Update: migrate-4.19.0-1.fc43

Go database migrations library and program. This package is built with the following databases backends: cassandra cockroachdb mongodb mysql postgres redshift sqlite3 sqlite This package is built with the following source backends: github gitlab go-bindata godoc-vfs gcs iofs pkger s3...

7.5CVSS6.8AI score0.00626EPSS
Exploits0
OSV
OSV
added 2025/11/17 7:11 p.m.5 views

GO-2025-4104 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes in github.com/kubevirt/kubevirt

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes in github.com/kubevirt/kubevirt. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positi...

6.9CVSS6.8AI score0.00254EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2025/11/09 9:1 a.m.7 views

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

...

6.9CVSS6.8AI score0.00254EPSS
Exploits1
Snyk
Snyk
added 2025/11/07 11:46 p.m.3 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to excessive permissions granted to the virt-handler service account. An attacker can initiate unauthorized migrations of virtual machine instances to attacker-controlled nodes or mark all nodes as...

6.9CVSS5.5AI score0.00254EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/07 10:59 p.m.3 views

EUVD-2025-38214

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

6.9CVSS6.3AI score0.00254EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/07 10:59 p.m.14 views

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

6.9CVSS0.00254EPSS
Exploits1References1
OSV
OSV
added 2025/11/07 10:59 p.m.5 views

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...

6.9CVSS6.8AI score0.00254EPSS
Exploits1References3
CVE
CVE
added 2025/11/07 10:59 p.m.21 views

CVE-2025-64436

KubeVirt CVE-2025-64436 affects the virt-handler service account in KubeVirt up to version 1.5.0, where overprivileged permissions (e.g., updating VMI, patching nodes) could be abused to migrate a VMI to an attacker-controlled node or mark all nodes as unschedulable, potentially forcing privilege...

6.9CVSS6.4AI score0.00254EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/11/06 11:35 p.m.6 views

GHSA-7XGM-5PRM-V5GC KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

Summary The permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. Details Following the GitHub security advisory published on March 23 2023, a ValidatingAdmissionPolicy w...

6.9CVSS5.5AI score0.00254EPSS
Exploits1References3
Rapid7 Blog
Rapid7 Blog
added 2025/10/31 1:0 p.m.8 views

When AI Accelerates Cloud Migrations, Don't Let Security Be an Afterthought

The era of on-premises infrastructure is quickly becoming a thing of the past, with research from Pluralsight showing that over 90% of organizations now leverage the cloud. What’s driving the even faster shift over the last few years? Consider AWS's foray into generative AI programs and agents fo...

7.4AI score
Exploits0
Rows per page
Query Builder