Lucene search
K

131 matches found

OSV
OSV
added 2026/06/25 3:31 p.m.4 views

OPENSUSE-RU-2026:21160-1 Recommended update for dnscrypt-proxy

This update for dnscrypt-proxy fixes the following issues: Changes in dnscrypt-proxy: - Update to version 2.1.16 The "tlsciphersuite" option is now a no-op. Modern TLS stacks no longer expose cipher suite selection in a meaningful way, and the option had become misleading A log size of 0 no longe...

9.1CVSS6.6AI score0.01557EPSS
Exploits1References8
NVD
NVD
added 2026/06/24 5:17 a.m.8 views

CVE-2026-12851

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.01684EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 3:40 a.m.8 views

EUVD-2026-38653

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS5.9AI score0.01684EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 3:40 a.m.9 views

CVE-2026-12851

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS5.9AI score0.01684EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/24 3:40 a.m.34 views

CVE-2026-12851 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.01684EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 2:46 p.m.6 views

OPENSUSE-SU-2026:20942-1 Security update for apptainer

This update for apptainer fixes the following issues: Changes in apptainer: - Update apptainer to version v1.5.1 Security fix bsc1267982: Fix for CVE-2026-48785 / GHSA-cr2j-534f-mf3g. Incorrect path matching for limit container paths directive. This is only applicable to SUID installations that...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/05/20 12:0 a.m.7 views

UBUNTU-CVE-2026-43617

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

6.3CVSS5.8AI score0.00282EPSS
Exploits0References7
NVD
NVD
added 2026/05/19 6:16 p.m.28 views

CVE-2026-47107

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

8.6CVSS0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/19 4:42 p.m.18 views

EUVD-2026-30958

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

9.6CVSS6AI score0.0024EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/17 11:15 p.m.2 views

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

5.8CVSS6.9AI score0.02415EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2026/04/09 12:35 p.m.2 views

ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...

5.8CVSS6.9AI score0.02415EPSS
Exploits2References4
EUVD
EUVD
added 2026/03/05 3:31 a.m.4 views

EUVD-2026-9517

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

7.1CVSS5.9AI score0.00106EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 1:38 a.m.2 views

CVE-2026-29125

IDC SFX2100 Satalite Recievers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

7.1CVSS5.9AI score0.00106EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : dhcp-4.1.1-34.P1.AXS4 (AXSA:2013-133:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-133:01 advisory. DHCP Dynamic Host Configuration Protocol is a protocol which allows individual devices on an IP network to get their own network configuration information IP...

7.1CVSS6.4AI score0.21653EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 4 : glibc-2.12-1.80.AXS4.3 (AXSA:2012-754:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-754:05 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

6.8CVSS7AI score0.03163EPSS
Exploits1References4
OSV
OSV
added 2026/01/13 10:53 a.m.8 views

CLSA-2026-1768301582 ruby: Fix of CVE-2025-24294

CVE-2025-24294: Limit the length of a decompressed domain name to prevent DoS in resolv gem...

7.5CVSS7.1AI score0.00539EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 9 : ruby:3.3 (AXSA:2025-11557:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11557:01 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 When using the + operator to combine URIs,...

7.5CVSS7AI score0.00539EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.9 views

AlmaLinux 8 : ruby:3.3 (ALSA-2025:23062)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23062 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description bloc...

7.5CVSS7AI score0.00539EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.8 views

AlmaLinux 9 : ruby:3.3 (ALSA-2025:23063)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23063 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description bloc...

7.5CVSS7AI score0.00539EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.4 views

AlmaLinux 10 : ruby (ALSA-2025:23141)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23141 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description blo...

7.5CVSS7AI score0.00539EPSS
Exploits0References5
Rows per page
Query Builder