Lucene search
K

479 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Filesystems without the casefold feature cannot be mounted with siphash. When mounting the ext4 filesystem, if the default hash version is set to DXHASHSIPHASH, but the casefold feature is not enabled, exit the mounting...

5.5CVSS6.2AI score0.00244EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...

6.1CVSS6.2AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 4:16 p.m.4 views

DEBIAN-CVE-2026-52725

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component...

6.1CVSS6AI score0.00238EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/22 12:51 a.m.6 views

[SECURITY] Fedora 44 Update: buildah-1.43.2-1.fc44

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper handling of file backend mounting by the erofs file system. This issue may allow I/O...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.10 views

CVE-2025-70100

A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...

5.5CVSS5.5AI score0.00155EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-7461

Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...

7.5CVSS5.8AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42296

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user with create Workflow permission can bypass templateReferencing: Strict to get host network access, switch service accounts, override pod...

8.1CVSS5.4AI score0.00424EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-44850

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer offers an environment-level Disable bind mounts for...

8.5CVSS5.5AI score0.00206EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/06/04 6:1 p.m.16 views

Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths

Summary app.mount strips the mount prefix from the incoming request path using the raw URL pathname, while route matching is performed against the percent-decoded path. This inconsistency causes the prefix to be stripped at the wrong position when the path contains percent-encoded multi-byte...

5.3CVSS5.8AI score0.0026EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-45934

Name of the Vulnerable Software and Affected Versions lwext4 version 1.0.0 Description A divide-by-zero issue exists in the ext4 block set lb size function within the src/ext4 blockdev.c file. This occurs when a malformed ext4 filesystem image with a zero logical block size is provided, leading t...

5.5CVSS5.4AI score0.00155EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:3 p.m.14 views

CVE-2026-44850

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer offers an environment-level Disable bind mounts for...

5.8AI score0.00206EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-45991

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

7.8CVSS0.00169EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.27 views

PT-2026-43211

Name of the Vulnerable Software and Affected Versions Xibo CMS versions prior to 4.4.2 Description A vulnerability chain involving Stored Cross-Site Scripting XSS and Iframe Sandbox escape exists in the Xibo CMS. Users with DataSet permissions can utilize the Data Connector functionality to craft...

7.6CVSS5.5AI score0.0011EPSS
Exploits0References6
OSV
OSV
added 2026/05/22 1:22 p.m.9 views

OESA-2026-2434 buildah security update

The package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a new image...

7.5CVSS5.7AI score0.00632EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Docker Desktop 安全漏洞

Docker Desktop is a desktop software by the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...

8.8CVSS7.3AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...

5.9AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in mbfindextent Syzbot identified the following issues: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT, and fastcommit support! EXT4-fs loop0: orphan...

5.5CVSS6.3AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: USB: gadgetfs: Fix race between mounting and unmounting The syzbot fuzzer and Gerald Lee have identified a use-after-free bug in the gadgetfs driver. This bug involves processes concurrently mounting and unmounting the gadgetf...

4.7CVSS6AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Validates the BOOT recordsize field. When the NTFS BOOT recordsize field is less than 0, it represents a shift value. However, there is no sanity check on the shift result, and the sbi-recordbits calculation using...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References1
Rows per page
Query Builder