15 matches found
CVE-2026-50563 Fission Container Executor Function PodSpec Injection Leading to Node Escape
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the...
PT-2026-48509
Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description Fission is a Kubernetes-native serverless framework. The Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder...
Critical: Red Hat Security Advisory: nginx:1.24 security update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle Linux 9 : nginx:1.24 (ELSA-2026-6923)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6923 advisory. - Resolves: RHEL-157886 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves:...
WordPress plugin Gmedia Photo Gallery 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...
Fedora 42 : migrate (2025-57302ba8ea)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-57302ba8ea advisory. - Update to 4.19.0 - Address CVEs by rebuilding with Go 1.24.10 Tenable has extracted the preceding description block directly from the Fedora...
SUSE CVE-2017-10209
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
SUSE CVE-2017-10237
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
SUSE CVE-2017-10239
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
PT-2021-6457 · Oracle +2 · Virtualbox +2
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.24 Description: The issue is related to errors in resource release in the Core component of Oracle VM VirtualBox. It allows a high-privileged attacker with logon to the infrastructure where Oracle VM...
PT-2021-20792 · Unknown · Kiali-Operator
Name of the Vulnerable Software and Affected Versions: kiali-operator versions prior to 1.33.0 kiali-operator versions prior to 1.24.7 Description: An incorrect access control flaw was found in the kiali-operator. This flaw allows an attacker with a basic level of access to the cluster to deploy ...
PHP Denial of Service Vulnerability (CNVD-2019-00335)
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...
CVE-2017-10242
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2017-17515)
VirtualBox is cross-platform virtualization software for x86-based systems. A security vulnerability exists in the Core component implementation of Oracle VM VirtualBox versions prior to 5.1.24, which can be exploited by attackers to compromise system integrity and availability...
Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2017-17513)
VirtualBox is cross-platform virtualization software for x86-based systems. A security vulnerability exists in the Core component implementation of Oracle VM VirtualBox versions prior to 5.1.24, which can be exploited by attackers to compromise system confidentiality, integrity, and availability...