Lucene search
+L

788 matches found

Cvelist
Cvelist
added 2026/05/14 9:0 p.m.53 views

CVE-2026-45781 MCP Registry: OCI ownership validation fails open on upstream rate limits, allowing attacker-controlled package claims

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.9, OCI ownership validation skips label-match check when upstream OCI registry returns HTTP 429, letting any authenticated publisher bind their io.github./ namespace to OCI images the...

3.5CVSS0.00206EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.5 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-115 (ALASDOCKER-2026-115)

The version of oci-add-hooks installed on the remote host is prior to 0-0.9.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-115 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or...

9.8CVSS7.5AI score0.00621EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.20 views

PT-2026-41128

Name of the Vulnerable Software and Affected Versions MCP Registry versions prior to 1.7.9 Description OCI ownership validation fails to perform a label-match check when an upstream OCI registry returns an HTTP 429 Too Many Requests error. This occurs because the function ValidateOCI in the file...

3.5CVSS5.8AI score0.00206EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.12 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2026-101 (ALASNITRO-ENCLAVES-2026-101)

The version of oci-add-hooks installed on the remote host is prior to 0-0.9.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-101 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow ...

9.8CVSS7.5AI score0.00621EPSS
Exploits0References18
OSV
OSV
added 2026/05/11 10:6 a.m.9 views

RHSA-2026:15940 Red Hat Security Advisory: oci-seccomp-bpf-hook security update

Bulletin has no description...

7.5CVSS5.7AI score0.00585EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2026/05/11 7:8 a.m.14 views

Moderate: Red Hat Security Advisory: oci-seccomp-bpf-hook security update

An update for oci-seccomp-bpf-hook is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.2AI score0.00585EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

RHEL 9 : oci-seccomp-bpf-hook (RHSA-2026:15940)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:15940 advisory. OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to...

7.5CVSS7.3AI score0.00585EPSS
Exploits1References5
NVD
NVD
added 2026/05/06 8:16 a.m.30 views

CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:8 a.m.11 views

CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS5.8AI score0.00146EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 7:8 a.m.18 views

CVE-2026-35254

CVE-2026-35254 affects Oracle OCI CLI (Oracle Open Source Projects) with affected version 3.77. The vulnerability enables an unauthenticated, network-accessible attacker to cause Oracle OCI CLI to place imported files outside the intended directory, indicating a path traversal-like impact. CVSS3....

6.1CVSS5.8AI score0.00146EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.16 views

RHCOS 4 : OpenShift Container Platform 4.10.3 (RHSA-2022:0055)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0055 advisory. - CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix CVE-2014-3577 - jenkins-2-plugins/git: stored XSS vulnerabilit...

7.5CVSS7.2AI score0.09149EPSS
Exploits1References16
OSV
OSV
added 2026/05/05 6:49 a.m.5 views

OPENSUSE-SU-2026:20676-1 Security update for build, product-composer

This update for build, product-composer fixes the following issues: Changes in build: - Support a new "IgnoreRebuild" config. - build-recipe-kiwi: Add support for oci containers Avoid needlessly compressing container images Detect container images based on build result file name - Fix queryrecipe...

7.3CVSS5.8AI score0.00209EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.22 views

osbuild-composer security update

149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

7.5CVSS7.1AI score0.01127EPSS
Exploits0
OSV
OSV
added 2026/04/30 10:10 a.m.8 views

RHSA-2026:11804 Red Hat Security Advisory: oci-seccomp-bpf-hook security update

Bulletin has no description...

7.5CVSS7.2AI score0.00585EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2026/04/29 3:55 p.m.9 views

Moderate: Red Hat Security Advisory: oci-seccomp-bpf-hook security update

An update for oci-seccomp-bpf-hook is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2026/04/28 12:0 a.m.29 views

oci-utils security update

-- 0.14.0-21 - Update the debugging log file path. Orabug: 39250938...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.5 views

Oracle Linux 8 : oci-utils (ELSA-2026-65027)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-65027 advisory. -- 0.14.0-19 - Fix secondary vnic default metric to be a lower priority value Orabug: 38154477 Tenable has extracted the preceding description block directly...

5.5AI score
Exploits0References2
Oracle linux
Oracle linux
added 2026/04/23 12:0 a.m.10 views

oci-utils security update

-- 0.14.0-19 - Fix secondary vnic default metric to be a lower priority value Orabug: 38154477...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/23 12:0 a.m.7 views

ALSA-2026:10135 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS6.1AI score0.00651EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.18 views

Oracle Linux 8 : osbuild-composer (ELSA-2026-8456)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8456 advisory. 101.4-5.0.1 - Support using repository definitons with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References2
Rows per page
Query Builder