CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

RedhatCVE•added 2026/03/26 3:2 p.m.•2 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.00008EPSS

Exploits0References1

NVD•added 2026/03/18 6:16 a.m.•6 views

CVE-2026-32606

7.6CVSS0.00008EPSS

Exploits0References5

Cvelist•added 2026/03/18 5:14 a.m.•24 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

7.6CVSS0.00008EPSS

Exploits0References5

Vulnrichment•added 2026/03/18 5:14 a.m.•2 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

7.6CVSS5.8AI score0.00008EPSS

Exploits0References5

OSV•added 2026/03/16 4:26 p.m.•2 views

GHSA-WJ2J-QWCF-CFCC IncusOS has a LUKS encryption bypass due to insufficient TPM policy

The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...

7.6CVSS5.8AI score0.00008EPSS

Exploits0References7

Vulnrichment•added 2026/02/18 12:0 a.m.•5 views

CVE-2026-24708

An issue was discovered in OpenStack Nova before 30.2.2, 31 before 31.2.1, and 32 before 32.1.1. By writing a malicious QCOW header to a root or ephemeral disk and then triggering a resize, a user may convince Nova's Flat image backend to call qemu-img without a format restriction, resulting in a...

8.2CVSS5.5AI score0.00019EPSS

Exploits0References2

Debian CVE•added 2026/02/18 12:0 a.m.•7 views

CVE-2026-24708

8.2CVSS5.3AI score0.00019EPSS

Exploits0

SUSE CVE•added 2023/02/15 5:33 a.m.•2 views

SUSE CVE-2013-7130

The icreateimagesandbacking aka createimagesandbacking method in libvirt driver in OpenStack Compute Nova Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users vi...

7.1CVSS6.5AI score0.03132EPSS

Exploits0References3

ATTACKERKB•added 2022/06/14 7:15 p.m.•2 views

CVE-2022-31590

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the...

7.8CVSS5.5AI score0.00039EPSS

Exploits0References3Affected Software1

Prion•added 2022/06/14 7:15 p.m.•23 views

Code injection

7.2CVSS7.7AI score0.00039EPSS

Exploits0References2Affected Software1

CVE•added 2022/06/14 6:39 p.m.•65 views

CVE-2022-31590

CVE-2022-31590 affects SAP PowerDesigner Proxy 16.7. An attacker with low privileges and local access can bypass root-disk access restrictions to write a program file on the system disk root, which could be executed with elevated privileges during startup or reboot, potentially impacting confiden...

7.8CVSS7.7AI score0.00039EPSS

Exploits0References2Affected Software1

CNNVD•added 2022/06/14 12:0 a.m.•1 views

SAP PowerDesigner 代码问题漏洞

SAP PowerDesigner, a database design software from SAP, is vulnerable to a code issue in SAP PowerDesigner Proxy version 16.7, which could be exploited by attackers to bypass system root disk access restrictions, write or create program files on the system disk root path, and elevate the privileg...

7.8CVSS5.8AI score0.00039EPSS

Exploits0References4

OSV•added 2022/05/17 1:29 a.m.•6 views

GHSA-99RX-9X8V-9J8P OpenStack Nova Live migration can leak root disk into ephemeral storage

8.7CVSS6.1AI score0.03132EPSS

Exploits0References17

Citrix•added 2017/02/27 12:0 a.m.•8 views

Error: "Unable to connect server" when connecting XenCenter to a Pool Master

Cannot connect to Pool Master by using XenCenter. XenCenter gives anerror message: Unable to connect to server '10.90.206.83'. Could not find XenServer on '10.90.206.83'. Check that XenServer is configured correctly on '10.90.206.83 and try again. However, Pool Master is accessible by SSH. The...

7.3AI score

Exploits0

Citrix•added 2017/01/18 12:0 a.m.•6 views

XenServer Fails to Boot with Boot from SAN Root Disk Multipathing:"Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)"

The XenServer host has recently been updated with a hotfix that updates the kernel. After patching the XenServer host is in a boot loop. During startup there is a message"Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block0,0" followed by a call trace: The initrd file size i...

7AI score

Exploits0

CNVD•added 2016/03/09 12:0 a.m.•1 views

OpenStack Compute Information Disclosure Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. OpenStack Compute Nova is one of the cloud computing construct controllers written in the Python language. The OpenStack Compute...

5.3CVSS7.9AI score0.00339EPSS

Exploits0References1

Ubuntu•added 2014/06/17 9:50 p.m.•80 views

USN-2247-1: OpenStack Nova vulnerabilities

Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS...

7.1CVSS5.5AI score0.03132EPSS

Exploits2