Lucene search
+L

195 matches found

CVE
CVE
added 3 days ago7 views

CVE-2026-10671

CVE-2026-10671 affects Zephyr kernel: the userspace verifier for k_pipe_init used K_SYSCALL_OBJ(), allowing an unprivileged thread with access to a k_pipe object to re-init a live pipe. This re-initialization clears the ring buffer and wait queues without accounting for current blockers, leaving ...

7.1CVSS6.1AI score0.00103EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

AlmaLinux 9 : podman (ALSA-2026:37123)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37123 advisory. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39835 golang.org/x/crypto/ssh:...

9.1CVSS6.8AI score0.00525EPSS
Exploits0References9
Rockylinux
Rockylinux
added 2026/07/10 12:5 p.m.8 views

podman security, bug fix, and enhancement update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

9.1CVSS6.4AI score0.00533EPSS
Exploits0
OSV
OSV
added 2026/07/10 12:5 p.m.4 views

RLSA-2026:37072 Important: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...

8.7CVSS6.7AI score0.00533EPSS
Exploits0References9
OSV
OSV
added 2026/07/10 12:3 p.m.5 views

RLSA-2026:37123 Important: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...

8.7CVSS6.7AI score0.00525EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.12 views

RockyLinux 9 : podman (RLSA-2026:37123)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:37123 advisory. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39835 golang.org/x/crypto/ssh:...

9.1CVSS6.8AI score0.00525EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2026/07/09 7:38 a.m.10 views

Important: Red Hat Security Advisory: podman security, bug fix, and enhancement update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.1CVSS7.5AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/09 5:35 a.m.11 views

Important: Red Hat Security Advisory: podman security, bug fix, and enhancement update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.1CVSS6.5AI score0.00533EPSS
Exploits0References9
OSV
OSV
added 2026/07/09 12:0 a.m.1 views

ALSA-2026:37123 Important: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...

9.1CVSS6.8AI score0.00525EPSS
Exploits0References16
AlmaLinux
AlmaLinux
added 2026/07/09 12:0 a.m.8 views

Important: podman security, bug fix, and enhancement update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...

9.1CVSS6.7AI score0.00525EPSS
Exploits0References16
OSV
OSV
added 2026/07/01 6:0 a.m.7 views

RLSA-2026:33722 Important: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via...

7.5CVSS6.8AI score0.00728EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/07/01 6:0 a.m.27 views

container-tools:rhel8 security, bug fix, and enhancement update

An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...

7.5CVSS6.9AI score0.00728EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.9 views

RockyLinux 8 : container-tools:rhel8 (RLSA-2026:33722)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33722 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial...

7.5CVSS6.9AI score0.00728EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.10 views

CVE-2026-52930

A flaw was found in the Linux kernel's inter-process communication IPC shared memory shm component. A synchronization issue exists where orphaned shared memory segments might be incorrectly destroyed while still in use due to a lack of serialization between cleanup and attachment updates. This...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in grub2

A vulnerability related to operations after freeing memory has been discovered in GRUB’s gettext module. This flaw arises from a programming error where the gettext command remains registered in memory even after its associated module is unloaded. An attacker can exploit this condition by invokin...

7.8CVSS5.3AI score0.00207EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 7:53 p.m.3 views

CVE-2026-49337 libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...

4.3CVSS5.9AI score0.00194EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2026/06/18 3:33 p.m.25 views

Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to adopt internal AI tools has left a massive trail of administrative debt:...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/06/17 6:11 p.m.15 views

EUVD-2026-36728

Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...

7.5CVSS5.2AI score0.00278EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/15 2:23 p.m.8 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3CVSS5.4AI score0.00278EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 2:23 p.m.78 views

CVE-2026-5038

MULTER CVE-2026-5038 affects multer’s diskStorage: versions 2.0.0-alpha.1–2.1.1 and 3.0.0-alpha.1 are vulnerable. The root cause is that Readable.pipe() does not propagate the stream destroy signal to the underlying fs.WriteStream, allowing aborted or malformed multipart uploads to leave orphaned...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder