Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.5 views

CVE-2026-29049

melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout pkg/renovate/cache/cache.go. An attacker-controlled URI in a melange config can cau...

4.3CVSS5.8AI score0.00177EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/09/20 1:2 a.m.3 views

parisc: Try to fix random segmentation faults in package builds

...

6.3CVSS7AI score0.00264EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/07/16 2:34 a.m.3 views

SUSE CVE-2024-40918

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/12 12:25 p.m.14 views

CVE-2024-40918 parisc: Try to fix random segmentation faults in package builds

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...

6.6AI score0.00264EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/05/21 12:0 a.m.18 views

openSUSE Security Update : lilypond (openSUSE-2018-487)

This update for lilypond fixes the following issues : - CVE-2018-10992: lilypond: Does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks bsc1093056 - packages do not build reproducib...

9.8CVSS8.3AI score0.01501EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/03/01 7:0 p.m.24 views

CVE-2017-14804 package builds could use directory traversal to write outside of target area

The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots...

9.9CVSS7AI score0.01744EPSS
Exploits0References3
Rows per page
Query Builder