Lucene search
+L

15 matches found

cve
cve
added yesterday7 views

CVE-2026-59866

Kiota (OpenAPI-based HTTP client generator) is affected by CVE-2026-59866 due to unsafe generation of x-ms-kiota-info clientClassName and clientNamespaceName, which can cause arbitrary file writes and code-injection when kiota generate runs without -c/--class-name. The issue allows attacker-contr...

9.3CVSS6.2AI score
Exploits0References4
mscve
mscve
added 2026/04/10 8:2 a.m.6 views

apparmor: Fix double free of ns_name in aa_replace_profiles()

...

7.8CVSS5.8AI score0.00181EPSS
Exploits0
susecve
susecve
added 2026/04/02 8:39 a.m.9 views

SUSE CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

6.1CVSS5.7AI score0.00181EPSS
Exploits0References22
osv
osv
added 2026/04/01 5:49 p.m.4 views

CVE-2026-5199 Cross Namespace Access via Batch Operation

A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow IDs and, for signal operations, signal names. This was due to a bu...

2.3CVSS6.1AI score0.00248EPSS
Exploits0References5
redhatcve
redhatcve
added 2026/04/01 1:38 p.m.6 views

CVE-2026-23408

A flaw was found in AppArmor within the Linux kernel. This vulnerability involves a double free of the nsname variable in the aareplaceprofiles function. This can occur when nsname is assigned from ent-nsname without properly nulling out ent-nsname, leading to it being freed twice. A local attack...

7.8CVSS5.9AI score0.00181EPSS
Exploits0References4
euvd
euvd
added 2026/04/01 9:31 a.m.5 views

EUVD-2026-17837

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

5.7AI score0.00181EPSS
Exploits0References6
nvd
nvd
added 2026/04/01 9:16 a.m.7 views

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

7.8CVSS0.00181EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2026/04/01 9:16 a.m.6 views

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

7.8CVSS5.7AI score0.00181EPSS
Exploits0References12
debiancve
debiancve
added 2026/04/01 8:36 a.m.5 views

CVE-2026-23408

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

7.8CVSS5.2AI score0.00181EPSS
Exploits0
cvelist
cvelist
added 2026/04/01 8:36 a.m.37 views

CVE-2026-23408 apparmor: Fix double free of ns_name in aa_replace_profiles()

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error = aaunpackudata, &lh, &nsname; and if ent-nsname contains an nsname in 1089 else if ent-nsname then nsname is assigned the ent-nsname 109...

7.8CVSS0.00181EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.6 views

PT-2026-29583

Name of the Vulnerable Software and Affected Versions Temporal Server versions 1.29.0 and later Description A user with a writer role in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the...

2.3CVSS6AI score0.00248EPSS
Exploits0References10
cnnvd
cnnvd
added 2026/04/01 12:0 a.m.9 views

Temporal Server 安全漏洞

Temporal Server is a microservices orchestration platform developed by Temporal Corporation. There is a security vulnerability in Temporal Server. This vulnerability stems from the fact that users with the “Writer” role in the namespaces controlled by attackers can send signals, delete, and reset...

2.3CVSS5.9AI score0.00248EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.12 views

PT-2026-29491

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the apparmor subsystem related to a double free of ns name in the aa replace profiles function. Specifically, if ns name is NULL after unpacking...

7.8CVSS6.8AI score0.00181EPSS
Exploits0
osv
osv
added 2026/03/11 3:50 p.m.4 views

CVE-2026-1497 Incorrect privilege assignment in composite databases

Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.22 can lead to the following scenario: an admin that intends to give a user an access to a remote database constituent "namespace.name" will inadvertently grant access to any...

2CVSS6AI score0.00235EPSS
Exploits0References3
cve
cve
added 2026/03/11 3:50 p.m.10 views

CVE-2026-1497

Neo4j Enterprise suffers an incorrect namespace resolution in composite databases, before versions 2026.02 and 5.26.22. An admin granting access to a remote constituent "namespace.name" can inadvertently grant privileges to any local database or remote alias named "name"; if that target doesn’t e...

7.2CVSS5.8AI score0.00235EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder