Lucene search
K

7103 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.19 views

Linux Distros Unpatched Vulnerability : CVE-2026-8924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in curl's cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an...

6AI score0.00219EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/23 5:23 p.m.12 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 4:50 p.m.7 views

Important: Red Hat Security Advisory: satellite/foreman-mcp-server-rhel9 container image available as a Technology Preview

A new satellite/foreman-mcp-server-rhel9 container image is now available as a Technology Preview in the Red Hat container registry. Satellite provides a container image that you can use to run an MCP server locally. The MCP server for Satellite is designed for advanced reporting and data analysi...

8.8CVSS5.8AI score0.00237EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...

5.1AI score0.00145EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsdebug is...

7.8CVSS6.1AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: airoha: Fixed the issue related to qid reporting in the airohatcgethtbgetleafqueue routine. Fixed the following kernel warnings when deleting HTB offloaded leafs and/or root HTB qdisc in the airohaeth driver, ensuring tha...

5.5CVSS6AI score0.00179EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 9:52 p.m.8 views

Malicious code in twrap-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174cba09d5ec9724bd55871c7f74c27ff8592bf55c06464204e0591667377259 twraptoolkit/init.py defines getpayload which issues a plaintext HTTP request to http://194.5.152.9:8080/hacks/textwrap-toolkit/textwraptoolkit/init....

6.5AI score
Exploits0References2
Hacker One
Hacker One
added 2026/06/15 11:37 a.m.117 views

curl: Secure cookies leaked to HTTP origins through HTTPS forwarding proxy

Summary: When curl accesses an http:// origin through an HTTPS forwarding proxy, it sends Secure cookies in the request. The cookies travel in cleartext between the proxy and the origin server, visible to the proxy operator and anyone on that network path. curl also reports CURLINFOSCHEME as...

5.5AI score
Exploits0
EUVD
EUVD
added 2026/06/13 2:34 a.m.14 views

EUVD-2026-36640

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...

5.5CVSS5.3AI score0.00116EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/13 2:34 a.m.6 views

CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

7CVSS5.5AI score0.0014EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/13 2:34 a.m.33 views

CVE-2026-54230 Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

7CVSS0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.14 views

PT-2026-49075

Name of the Vulnerable Software and Affected Versions libreport affected versions not specified Description A symlink following issue exists in the ABRT post-create event handler scripts. These scripts write output files using shell redirections without the O NOFOLLOW flag a flag that prevents a...

7.8CVSS5.4AI score0.0014EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/06/12 7:21 p.m.88 views

aetherion

/\ | | | | | |...

8.8CVSS5.4AI score0.00541EPSS
Exploits12
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.7 views

Cloud Files Security Review Tool

This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/06/09 2:0 p.m.826 views

June 9, 2026—KB5094123 (OS Build 17763.8880)

June 9, 2026—KB5094123 OS Build 17763.8880 Summary This article lists the security issues and quality improvements included in this cumulative security update. Windows Server 2019Windows 10, version 1809 Applies to: Windows Server 2019This security update includes fixes and quality improvements...

9.1CVSS6.2AI score0.48438EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/06/08 9:54 a.m.76 views

AnSploit

Ansploit v2.0 — Android Network Security & Exploitation Toolki...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/07 4:58 a.m.9 views

CVE-2026-11120

An insufficient validation of untrusted input flaw was found in the Enterprise Reporting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501467566...

9.6CVSS5.4AI score0.00276EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.9 views

SUSE CVE-2026-11120

Insufficient validation of untrusted input in Enterprise Reporting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.18 views

Google Chrome < 149.0.7827.53 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...

9.6CVSS6.4AI score0.00985EPSS
Exploits1References859
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.70 views

Google Chrome < 149.0.7827.53 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a...

9.6CVSS6.4AI score0.00985EPSS
Exploits1References859
Rows per page
Query Builder