Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 8:39 p.m.5 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00124EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52087

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw exists in the safepath package used by virt-handler. The OpenAtNoFollow function utilizes O PATH|O NOFOLLOW to obtain a file descriptor for a path leaf; however, subsequent operations...

7.3CVSS6AI score0.00124EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.8 views

CVE-2026-43419

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/11/06 9:56 a.m.25 views

CVE-2024-9902 Ansible-core: ansible-core user may read/write unauthorized content

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the...

6.3CVSS0.00248EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/08/18 1:15 p.m.1 views

CVE-2022-29549

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks e.g., to help ensure that a program was installed by root and without integrity checks e.g., a checksum comparison against known legitimate...

7.3CVSS6AI score0.00267EPSS
Exploits0References6
Rows per page
Query Builder