Lucene search
+L

32 matches found

Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-56743 Cilium may unexpectedly allow ingress traffic from the local namespace when a Kubernetes NetworkPolicy is configured with an ipBlock match

Cilium is a networking, observability, and security solution. From 1.19.0 to 1.19.4, standard Kubernetes NetworkPolicy specifications using CIDR-based ipBlock rules without pod or namespace selectors erroneously generate a wildcard namespace allow rule when Cilium is configured with a custom...

5.4CVSS0.00158EPSS
Exploits0References6
OSV
OSV
added 2026/07/03 7:24 p.m.3 views

SUSE-SU-2026:2755-1 Security update for xdg-dbus-proxy

This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.9AI score0.00175EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

openSUSE 16 Security Update : xdg-dbus-proxy (openSUSE-SU-2026:20934-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20934-1 advisory. This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.4AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 2:52 p.m.6 views

SUSE-SU-2026:22096-1 Security update for xdg-dbus-proxy

This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.3AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 2:52 p.m.8 views

OPENSUSE-SU-2026:20934-1 Security update for xdg-dbus-proxy

This update for xdg-dbus-proxy fixes the following issue: - CVE-2026-34080: failure in the policy parser can lead to information disclosure bsc1261737...

6.8CVSS5.4AI score0.00175EPSS
Exploits0References2
Mageia
Mageia
added 2026/06/07 5:10 a.m.15 views

Updated xdg-dbus-proxy packages fix security vulnerability

A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...

6.8CVSS5.5AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/06/07 5:10 a.m.13 views

MGASA-2026-0178 Updated xdg-dbus-proxy packages fix security vulnerability

A policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases...

6.8CVSS5.4AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/05/15 1:59 p.m.8 views

OESA-2026-2286 xdg-dbus-proxy security update

xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. Security Fixes: xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy...

6.8CVSS5.8AI score0.00175EPSS
Exploits0References2
OSV
OSV
added 2026/05/09 12:30 p.m.11 views

OESA-2026-2212 xdg-dbus-proxy security update

xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. Security Fixes: xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy...

6.8CVSS5.8AI score0.00175EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/08 11:25 p.m.7 views

SUSE CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/08 9:2 a.m.7 views

CVE-2026-34080

A flaw was found in xdg-dbus-proxy, a filtering proxy for D-Bus connections. A local client can exploit a policy parser vulnerability by crafting specific policy rules, such as including a space before the equals sign in "eavesdrop=true". This improper parsing allows the client to bypass intended...

6.8CVSS5.8AI score0.00175EPSS
Exploits0References4
NVD
NVD
added 2026/04/07 9:17 p.m.5 views

CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

6.8CVSS0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/04/07 9:17 p.m.1 views

DEBIAN-CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

5.5CVSS5.4AI score0.00175EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/07 9:17 p.m.5 views

CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

6.8CVSS5.9AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/04/07 9:17 p.m.6 views

UBUNTU-CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

6.8CVSS5.8AI score0.00175EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/07 8:57 p.m.2 views

CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...

6.8CVSS5.9AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/07 8:57 p.m.31 views

CVE-2026-34080

xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allowed bypassing eavesdrop restrictions because the parser mishandles patterns like eavesdrop ='true' (space before =). As a result, clients could intercept D-Bus messages they should not hav...

6.8CVSS5.9AI score0.00175EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-34080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy chec...

6.8CVSS6AI score0.00175EPSS
Exploits0References2
Veracode
Veracode
added 2025/09/03 10:21 a.m.6 views

Prototype Pollution

content-security-policy-parser is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of the proto property in policy names, which allows an attacker to override the Object prototype and potentially execute arbitrary actions through prototype pollution...

8.8CVSS7.1AI score0.00424EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2025/08/12 6:7 p.m.6 views

@0xbigboss/vite-plugin-web-extension (>=5.2.0 <=5.4.0), @58860ed6ffd9e897/gold-finger-extension (=1.0.2) +54 more potentially affected by CVE-2025-55164 via content-security-policy-parser (>=0.1.1 <=0.5.0)

content-security-policy-parser NPM version =0.1.1, =5.2.0, =2.13.1, =2.12.1-canary.3354, =2.12.1-canary.3354, =2.12.5, =0.84.3, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-4529dd0, =0.0.0-experimental-2cd2b9e, =0.0.0-experimental-2cc8de3, =0.0.0-experimental-2cc8de3,...

8.8CVSS5.7AI score0.00424EPSS
Exploits0
Rows per page
Query Builder