Lucene search
K

874 matches found

CVE
CVE
added yesterday3 views

CVE-2026-60114

SIP 5.x (up to 5.2.16) contains a path traversal flaw in the Backup/Restore function. Unvalidated keys in the JSON backup enable attackers with restore access to craft file paths and write JSON files outside the data directory. The issue is worse when the optional passphrase is not enabled (facto...

8.7CVSS6.2AI score
Exploits1References2
Nuclei
Nuclei
added 2 days ago16 views

KeySight RF - smsRestoreDatabaseZip UNC path to Remote Code Execution

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file i.e., \\sms,...

9.8CVSS7AI score0.53389EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 8:16 a.m.7 views

CVE-2026-12083

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

8.1CVSS0.00295EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 6:0 a.m.5 views

EUVD-2026-41811

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

8.1CVSS6AI score0.00295EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:0 a.m.6 views

CVE-2026-12083

The Admin and Site Enhancements ASE WordPress plugin before 8.8.4, admin-site-enhancements-pro WordPress plugin before 8.8.4 does not perform authentication, authorization, or nonce checks on a role-restoration request handler, allowing unauthenticated attackers to restore a previously demoted...

8.1CVSS6AI score0.00295EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/07/02 3:37 p.m.11 views

CVE-2026-53492

A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface CRI implementation, which allows Kubernetes to interact with container runtimes, improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during...

9.6CVSS5.9AI score0.00412EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 7:16 p.m.7 views

CVE-2026-53492

containerd is an open-source container runtime. In Versions prior to 2.3.2, 2.2.5 and 2.1.9, the CRI implementation improperly trusts Container Device Interface CDI annotations found within untrusted checkpoint image metadata during container restoration. When restoring a container from a...

9.6CVSS0.00412EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/01 6:10 p.m.9 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-9640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restricti...

7.2CVSS6AI score0.00342EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 4:16 p.m.9 views

CVE-2026-9640

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS0.00342EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/26 3:50 p.m.6 views

EUVD-2026-39794

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References4
OSV
OSV
added 2026/06/26 3:50 p.m.3 views

CVE-2026-9640 LXD Snapshot Import Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of project-restriction policies during snapshot restoration.. An authenticated project operator in a restricted multi-tenant environment can bypass policy...

7.2CVSS6AI score0.00342EPSS
Exploits1References7
Veracode
Veracode
added 2026/06/26 11:50 a.m.7 views

Session Hijacking

Chainlit is vulnerable to Session Hijacking. The vulnerability is due to missing ownership verification during WebSocket session restoration, where a valid sessionId can be used to restore another user's authenticated session, allowing attackers to gain unauthorized access with the victim's...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52844

Name of the Vulnerable Software and Affected Versions LXD versions 6.0 through 6.8 LXD versions 5.21.0 through 5.21.4 LXD versions 5.0.0 through 5.0.6 Description An issue exists in the handling of project-restriction policies during snapshot restoration. An authenticated project operator in a...

7.2CVSS5.8AI score0.00342EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Ubuntu 25.10 / 26.04 LTS : containerd-stable vulnerabilities (USN-8473-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8473-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd...

9.9CVSS7.3AI score0.00781EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...

5.5CVSS5.9AI score0.00126EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/22 4:25 p.m.13 views

Missing Authorization

Overview chainlit is a Build Conversational AI. Affected versions of this package are vulnerable to Missing Authorization via the restoreexistingsession path in the WebSocket session restoration. An attacker can gain unauthorized access to another user's session and assume their permissions and...

8.8CVSS5.9AI score0.00256EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 4:16 p.m.14 views

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

8.8CVSS0.00256EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:31 p.m.3 views

CVE-2026-41048

Incorrect caching of authentication between different polkit methods in qSnapper before version 1.3.3 allowed a local attacker to use functions like "restore from snapshot" even if only allowed to do "delete snapshot"...

8.4CVSS5.9AI score0.00133EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:17 p.m.3 views

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

9.1CVSS5.9AI score0.00256EPSS
Exploits0References5
Rows per page
Query Builder