13 matches found
EUVD-2026-42495
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request...
CVE-2026-31309
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node from v1.21.1-rc0 before v1.36.0 allows an unauthenticated attacker to arbitrarily overwrite the node's configuration and achieve a full node takeover via a crafted POST request...
PT-2026-56620
Name of the Vulnerable Software and Affected Versions Mysterium Node versions prior to 1.36.0 Description Improper authorization in the '/tequilapi/config/user' endpoint allows unauthenticated attackers to arbitrarily overwrite the node configuration. This can be achieved by sending a crafted POS...
CVE-2026-31309
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node from v1.21.1-rc0 before v1.36.0 allows an unauthenticated attacker to arbitrarily overwrite the node's configuration and achieve a full node takeover via a crafted POST request...
CVE-2026-31309
Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node from v1.21.1-rc0 before v1.36.0 allows an unauthenticated attacker to arbitrarily overwrite the node's configuration and achieve a full node takeover via a crafted POST request...
CVE-2026-31309
CVE-2026-31309 affects Mysterium Node prior to v1.36.0. The vulnerability is an improper authorization flaw in the directory/endpoint “/tequilapi/config/user” that allows unauthenticated attackers to arbitrarily overwrite the node’s configuration via a crafted POST request, enabling a full node t...
PT-2026-43242
Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw in the virt-handler component allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual...
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
A vulnerability in Kubernetes allows remote code execution. Read how abusing Log Query can lead to a complete takeover of all Windows nodes in a cluster...
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
A vulnerability in Kubernetes allows remote code execution. Read how abusing Log Query can lead to a complete takeover of all Windows nodes in a cluster...
Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. "The vulnerability allows remote code execution with SYSTEM privileges on all Windows...
ntpd_driver 代码注入漏洞
ntpddriver is a library from Vladimir Ermakov's personal developer. Converts ROS TimeReference messages to ntpd shm format. A security vulnerability exists in ntpddriver versions prior to 1.3.0, 2.x series prior to 2.2.0, which stems from the fact that the topic nam depends on the timereftopic...
CVE-2018-5495
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node...
PT-2017-16160 · Blackberry · Qnx Sdp
Name of the Vulnerable Software and Affected Versions: BlackBerry QNX Software Development Platform SDP version 6.6.0 Description: The issue is related to an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled. This could allow an attacker to access...