Lucene search
K

212 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-56115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low- privileged users to perform administrative actions by...

8.8CVSS6AI score0.00307EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/06/11 12:22 p.m.11 views

USN-8421-1: Ironic vulnerabilities

Dmitry Tantsur and Tuomo Tanskanen discovered that Ironic did not properly validate file paths when handling ISO images. A privileged authenticated remote user could use this issue to perform path traversal via a crafted ISO image and overwrite arbitrary files on the Ironic conductor...

8.1CVSS5.9AI score0.00601EPSS
Exploits0
OSV
OSV
added 2026/06/11 12:22 p.m.9 views

USN-8421-1 ironic vulnerabilities

Dmitry Tantsur and Tuomo Tanskanen discovered that Ironic did not properly validate file paths when handling ISO images. A privileged authenticated remote user could use this issue to perform path traversal via a crafted ISO image and overwrite arbitrary files on the Ironic conductor...

8.1CVSS6AI score0.00601EPSS
Exploits0References4
NVD
NVD
added 2026/06/04 4:17 a.m.11 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS0.00283EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.11 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.8 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.41 views

CVE-2026-44917

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/04 12:0 a.m.14 views

EUVD-2026-34202

OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxetemplate...

4.9CVSS5.8AI score0.00283EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack application. It is used to configure bare machines rather than virtual machines. Versions of OpenStack Ironic prior to 35.0.2 contained a security vulnerability. This vulnerability stemmed from allowing malicious project administrators or managers to re...

4.9CVSS5.2AI score0.00283EPSS
Exploits0References3
CVE
CVE
added 2026/01/08 12:29 p.m.17 views

CVE-2025-62877

CVE-2025-62877 affects SUSE Virtualization (Harvester) where the interactive installer on Harvester 1.5.x–1.6.x may expose the OS default SSH password when creating a new cluster or adding hosts. The issue does not occur when PXE boot with the Harvester configuration is used. Affected component i...

9.8CVSS6.4AI score0.00473EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/08 12:29 p.m.2 views

CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer

Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...

9.8CVSS6.5AI score0.00473EPSS
Exploits0References2
OSV
OSV
added 2026/01/08 12:29 p.m.7 views

CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer

Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...

9.8CVSS6AI score0.00473EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-1644

Malware in sbrugna...

5CVSS6.3AI score0.0178EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-5117

Malware in sbrugna...

5CVSS6.4AI score0.02839EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-1414

Malware in sbrugna...

4.3CVSS6.4AI score0.05568EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-3858

Malware in sbrugna...

7.8CVSS6.2AI score0.02152EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-6165

Malware in sbrugna...

7.8CVSS6.4AI score0.02879EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24555

Malware in sbrugna...

9.8CVSS8.2AI score0.02767EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-0063

Malware in sbrugna...

4.3CVSS6.2AI score0.00788EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2002-0827

Malware in sbrugna...

5CVSS6.4AI score0.06937EPSS
Exploits1References9
Rows per page
Query Builder