Lucene search
+L

360 matches found

Cvelist
Cvelist
added 2026/04/22 4:4 p.m.27 views

CVE-2026-6515 Insufficient Session Expiration in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions...

5.4CVSS0.00163EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 4:4 p.m.10 views

CVE-2026-6515 Insufficient Session Expiration in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions...

5.4CVSS5.8AI score0.00163EPSS
Exploits0References2
CVE
CVE
added 2026/04/22 4:4 p.m.42 views

CVE-2026-6515

GitLab CVE-2026-6515 affects GitLab CE/EE versions 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1. The issue could allow a user to reuse invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions (insufficient session expiration). Remed...

5.4CVSS5.8AI score0.00163EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:4 p.m.4 views

CVE-2026-6515

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or incorrectly scoped credentials to access Virtual Registries under certain conditions...

5.4CVSS5.8AI score0.00163EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.13 views

PT-2026-34521

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.2 through 18.9.5 GitLab CE/EE versions 18.10 through 18.10.3 GitLab CE/EE versions 18.11 through 18.11.0 Description An issue exists that could allow a user to access Virtual Registries under certain conditions by usin...

5.4CVSS5.2AI score0.00163EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

GitLab 18.2 < 18.9.6 / 18.10 < 18.10.4 / 18.11 < 18.11.1 (CVE-2026-6515)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or...

5.4CVSS5.6AI score0.00163EPSS
Exploits0References4
Fedora
Fedora
added 2026/04/17 12:54 a.m.8 views

[SECURITY] Fedora 43 Update: skopeo-1.22.2-1.fc43

Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...

7.5CVSS6.4AI score0.00651EPSS
Exploits0
Snyk
Snyk
added 2026/04/03 3:7 a.m.5 views

Incomplete List of Disallowed Inputs

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs due to insufficient sanitization of environment variables related to package management, registries, Docker, compilers, and TLS overrides in the...

7.1CVSS6AI score0.00307EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.4 views

CVE-2025-33242

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 9:31 p.m.5 views

EUVD-2025-208971

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References3
NVD
NVD
added 2026/03/24 9:16 p.m.3 views

CVE-2025-33242

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS0.00311EPSS
Exploits0References3
CVE
CVE
added 2026/03/24 8:22 p.m.14 views

CVE-2025-33242

The NVIDIA security bulletin adds CVE-2025-33242 to HGX and DGX B300 products (CX8 MCU). It describes a vulnerability that could allow a malicious actor to modify unsupported registries, potentially causing a bad state with Denial of Service and data tampering (vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 8:22 p.m.6 views

CVE-2025-33242

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/24 8:22 p.m.26 views

CVE-2025-33242

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS0.00311EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/24 8:22 p.m.28 views

CVE-2025-33242

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.8 views

PT-2026-27503

NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead to denial of service and data tampering...

5.9CVSS5.8AI score0.00311EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/02 2:25 a.m.1 views

Malicious Package

Overview sequelization is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/01/27 2:25 a.m.4 views

Malicious Package

Overview mapkit-example-vue is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Qualys Blog
Qualys Blog
added 2026/01/22 4:0 p.m.18 views

How Public Container Registries Have Become a Silent Risk Multiplier in a Modern Supply Chain

Key Takeaways Pulling container images from public registries is a trust decision, not a neutral operational step. The impact extends to infrastructure stability, cloud spend, and security risk. Cryptomining is the most common form of malicious abuse in public container images, driven by the ease...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/26 5:15 p.m.7 views

CVE-2025-68944

A flaw was found in Gitea, a self-hosted Git service. This vulnerability allows an authenticated user to bypass access controls within its package registries. This occurs because the system improperly handles the propagation of token scope, which defines what actions a token is allowed to perform...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References6
Rows per page
Query Builder