1120 matches found
CVE-2026-23367
In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the undefined field 18 is used, the alignment/size is unknown as well. In...
CVE-2026-23367
CVE-2026-23367 – Linux kernel (wifi: radiotap: reject radiotap with unknown bits) The issue arises in the radiotap parser used for the radiotap namespace. If an undefined field (field 18) is present, the alignment/size is unknown and iterator->_next_ns_data is not initialized for non-visible v...
SUSE CVE-2026-29773
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
Linux Distros Unpatched Vulnerability : CVE-2026-23367
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace not with vendor namespaces, but if the...
Improper Authorization
github.com/redhat-developer/gitops-operator is vulnerable to improper authorization. The vulnerability is due to insufficient validation of ArgoCD Custom Resources created by namespace administrators, which allows an authenticated attacker to escalate privileges across namespaces and deploy...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-38499)
In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. Wouldn't be able to undo may be a resu...
EUVD-2026-12910
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...
CVE-2026-23268 apparmor: fix unprivileged local user can do privileged policy management
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...
CVE-2026-32720
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1397)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...
CVE-2026-29773
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
SUSE kubewarden 安全漏洞
SUSE Kubewarden is a policy engine developed by the German company SUSE. There is a security vulnerability in Kubewarden, which allows attackers with specific permissions to deploy policies using deprecated host callback APIs. This vulnerability may lead to the reading of Ingresses, Namespaces, a...
CVE-2026-29773 kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
CVE-2026-29773 kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
CVE-2026-29773
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
CVE-2026-29773
Technical details for CVE-2026-29773 are not provided in the connected documents. The available materials mention read-only access via deprecated APIs but do not specify affected versions, fixes, or explicit exploit details.
CVE-2026-29773 kubewarden-controller cross-namespace data exfiltration via deprecated host callback binding
Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manner,...
Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding
Impact Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manne...
GHSA-6R7F-3FWQ-HQ74 Kubewarden: Cross-namespace data exfiltration via deprecated host callback binding
Impact Kubewarden is a policy engine for Kubernetes. Kubewarden cluster operators can grant permissions to users to deploy namespaced AdmissionPolicies and AdmissionPolicyGroups in their Namespaces. One of Kubewarden promises is that configured users can deploy namespaced policies in a safe manne...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
CVE-2021-3493 – Ubuntu OverlayFS Local Privilege Escalation...