Lucene search
K

15 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 5:27 p.m.20 views

CVE-2026-50563 Fission Container Executor Function PodSpec Injection Leading to Node Escape

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, Fission's Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the...

9.9CVSS5.4AI score0.00274EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.35 views

PT-2026-48509

Name of the Vulnerable Software and Affected Versions Fission versions prior to 1.24.0 Description Fission is a Kubernetes-native serverless framework. The Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder...

9.9CVSS5.8AI score0.00274EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/05/15 10:38 a.m.105 views

Critical: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References2
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.7 views

Oracle Linux 9 : nginx:1.24 (ELSA-2026-6923)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6923 advisory. - Resolves: RHEL-157886 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves:...

8.8CVSS7.2AI score0.21621EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

WordPress plugin Gmedia Photo Gallery 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site reques...

4.3CVSS6.5AI score0.001EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.7 views

Fedora 42 : migrate (2025-57302ba8ea)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-57302ba8ea advisory. - Update to 4.19.0 - Address CVEs by rebuilding with Go 1.24.10 Tenable has extracted the preceding description block directly from the Fedora...

7.5CVSS7.5AI score0.00626EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10209

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

5.2CVSS5.9AI score0.00413EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10237

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.3CVSS7.5AI score0.0041EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10239

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.3CVSS7.5AI score0.0041EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/07/20 12:0 a.m.11 views

PT-2021-6457 · Oracle +2 · Virtualbox +2

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.24 Description: The issue is related to errors in resource release in the Core component of Oracle VM VirtualBox. It allows a high-privileged attacker with logon to the infrastructure where Oracle VM...

8.8CVSS6.3AI score0.06932EPSS
Exploits10References202
Positive Technologies
Positive Technologies
added 2021/06/01 12:0 a.m.7 views

PT-2021-20792 · Unknown · Kiali-Operator

Name of the Vulnerable Software and Affected Versions: kiali-operator versions prior to 1.33.0 kiali-operator versions prior to 1.24.7 Description: An incorrect access control flaw was found in the kiali-operator. This flaw allows an attacker with a basic level of access to the cluster to deploy ...

8.8CVSS7AI score0.00969EPSS
Exploits0References8
CNVD
CNVD
added 2018/11/21 12:0 a.m.4 views

PHP Denial of Service Vulnerability (CNVD-2019-00335)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...

7.5CVSS7.2AI score0.04327EPSS
Exploits1References1
OSV
OSV
added 2017/08/08 3:29 p.m.2 views

CVE-2017-10242

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

7.3CVSS7.3AI score0.0041EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/27 12:0 a.m.5 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2017-17515)

VirtualBox is cross-platform virtualization software for x86-based systems. A security vulnerability exists in the Core component implementation of Oracle VM VirtualBox versions prior to 5.1.24, which can be exploited by attackers to compromise system integrity and availability...

4.6CVSS6.7AI score0.0041EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.5 views

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2017-17513)

VirtualBox is cross-platform virtualization software for x86-based systems. A security vulnerability exists in the Core component implementation of Oracle VM VirtualBox versions prior to 5.1.24, which can be exploited by attackers to compromise system confidentiality, integrity, and availability...

7.3CVSS6.7AI score0.0041EPSS
Exploits0References1
Rows per page
Query Builder