Lucene search
K

1936 matches found

Fedora
Fedora
added 2026/07/05 12:52 a.m.12 views

[SECURITY] Fedora 43 Update: nsd-4.14.3-1.fc43

NSD is a complete implementation of an authoritative DNS name server. For further information about what NSD is and what NSD is not please consult the REQUIREMENTS document which is a part of this distribution...

8.8CVSS5.9AI score0.00303EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/03 1:28 a.m.38 views

CVE-2026-14327 AR for WordPress <= 8.40 - Unauthenticated Arbitrary File Read via 'file' Parameter

The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive...

7.5CVSS0.00459EPSS
Exploits0References6
Snyk
Snyk
added 2026/07/02 10:18 p.m.6 views

Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error in the OIDC discovery process when the X-Forwarded-Host header is not validated and no allowed-hosts list is configured. An attacker can manipulate the issuer and JWKS URI in the discovery document by supplying a...

8.2CVSS6AI score0.00246EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.10 views

A Bayesian Network Approach for Enhancing Security-Focused Decision Support Systems

The adoption and integration of heterogeneous stacks in most of today's open-source based networks brings clear benefits like interoperability and availability of advanced features. Yet, on the other hand the increasing number of interconnecting components and moving parts requires maintaining an...

5.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/06 2:53 a.m.13 views

SUSE CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/05 10:17 a.m.9 views

Arbitrary Argument Injection

Overview ansible-core is an a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc task execution, network automation, and multi-node orchestration. Ansible makes complex changes like zero-downtime rolling updates with load...

8.4CVSS6.5AI score0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 9:16 a.m.14 views

CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS0.00156EPSS
Exploits0References4
OSV
OSV
added 2026/06/05 9:16 a.m.11 views

UBUNTU-CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 8:21 a.m.10 views

CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.4AI score0.00156EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/05 8:21 a.m.3 views

CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.5AI score0.00156EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 8:21 a.m.10 views

EUVD-2026-34791

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 8:21 a.m.7 views

CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 8:21 a.m.47 views

CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS0.00156EPSS
Exploits0References3
CVE
CVE
added 2026/06/05 8:21 a.m.65 views

CVE-2026-11332

CVE-2026-11332 affects ansible-core via the ansible-galaxy role install command. The vulnerability arises when processing a role’s meta/requirements.yml, where improper neutralization of argument delimiters allows a malicious role author to inject arbitrary git configuration flags through the src...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References4
NVD
NVD
added 2026/06/05 2:17 a.m.9 views

CVE-2026-11326

OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...

6CVSS0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.31 views

PT-2026-46910

Name of the Vulnerable Software and Affected Versions ansible-core affected versions not specified Red Hat Ansible Automation Platform affected versions not specified Description An argument injection flaw exists in the ansible-galaxy role install command. The issue occurs because dependency...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References25
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:7 a.m.8 views

RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads

...

7.5CVSS5.4AI score0.00467EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/05/27 11:44 p.m.19 views

K000161455: glibc vulnerability CVE-2026-0861

Security Advisory Description Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have...

8.4CVSS7.4AI score0.00352EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/05/27 4:55 p.m.22 views

Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection

Description Symfony routes can declare a requirements regex per path parameter, e.g. a route /locale/blog with requirements: locale: 'en|fr|de' . The Twig path / url helpers backed by UrlGenerator validate supplied parameter values against that regex before building the URL. UrlGenerator construc...

5.8AI score0.0004EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2026/05/27 4:55 p.m.8 views

GHSA-72XP-P242-47P9 Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection

Description Symfony routes can declare a requirements regex per path parameter, e.g. a route /locale/blog with requirements: locale: 'en|fr|de' . The Twig path / url helpers backed by UrlGenerator validate supplied parameter values against that regex before building the URL. UrlGenerator construc...

5.8AI score0.0004EPSS
Exploits0References6
Rows per page
Query Builder