Lucene search
+L

56 matches found

cnnvd
cnnvd
added 2025/05/12 12:0 a.m.5 views

ToolHive 安全漏洞

ToolHive is a Stacklok open source tool for easily and securely running and managing MCP servers. A security vulnerability exists in ToolHive versions prior to 0.0.33, which stems from a key stored in the runtime configuration file and could lead to a key disclosure...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
nessus
nessus
added 2024/08/06 12:0 a.m.20 views

EulerOS 2.0 SP5 : unbound (EulerOS-SA-2024-2078)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound...

8CVSS6.6AI score0.00318EPSS
Exploits0References2
nessus
nessus
added 2024/06/28 12:0 a.m.43 views

EulerOS 2.0 SP12 : unbound (EulerOS-SA-2024-1863)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...

8CVSS6.9AI score0.99995EPSS
Exploits1References4
amazon
amazon
added 2024/06/24 12:0 a.m.5 views

Important: unbound

Issue Overview: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw...

8CVSS6.6AI score0.00318EPSS
Exploits0
nessus
nessus
added 2024/06/03 12:0 a.m.38 views

EulerOS 2.0 SP11 : unbound (EulerOS-SA-2024-1794)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound...

8CVSS6.9AI score0.99995EPSS
Exploits1References4
redhat
redhat
added 2024/05/06 1:15 a.m.5 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
amazon
amazon
added 2024/05/03 12:0 a.m.4 views

Important: unbound

Issue Overview: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw...

8CVSS6.5AI score0.00318EPSS
Exploits0
redhat
redhat
added 2024/04/30 3:10 p.m.6 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
nessus
nessus
added 2024/04/29 12:0 a.m.21 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2024-604)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-604 advisory. A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over...

8CVSS6.5AI score0.00318EPSS
Exploits0References4
redhat
redhat
added 2024/04/15 1:46 a.m.4 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
redhat
redhat
added 2024/04/15 1:30 a.m.4 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
redhat
redhat
added 2024/04/11 10:51 a.m.5 views

unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.6AI score0.00318EPSS
Exploits0References4
almalinux
almalinux
added 2024/04/11 12:0 a.m.26 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination ...

8CVSS7AI score0.00318EPSS
Exploits0References4
osv
osv
added 2024/03/01 11:7 a.m.4 views

OESA-2024-1210 unbound security update

Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. To help increase online privacy, Unbound supports DNS-over-TLS which allows clients to encrypt their communication. Unbound is available for most...

8CVSS6.4AI score0.99995EPSS
Exploits1References4
susecve
susecve
added 2024/02/17 3:21 a.m.2 views

SUSE CVE-2024-1488

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

7.1CVSS5.5AI score0.00318EPSS
Exploits0References4
osv
osv
added 2024/02/15 5:15 a.m.5 views

CVE-2024-1488

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

7.3CVSS5.7AI score0.00318EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2024/02/15 5:15 a.m.26 views

CVE-2024-1488

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an...

8CVSS6.7AI score0.00318EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/02/13 12:0 a.m.7 views

PT-2024-5855 · Nlnet +5 · Unbound +5

Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can conne...

8CVSS6.2AI score0.00801EPSS
Exploits0References53
ptsecurity
ptsecurity
added 2023/07/07 12:0 a.m.6 views

PT-2023-25868 · Unknown · Tekton Pipelines

Name of the Vulnerable Software and Affected Versions: Tekton Pipelines versions 0.35.0 and later Description: The Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user...

4.3CVSS6.5AI score0.00376EPSS
Exploits1References10
susecve
susecve
added 2023/02/15 4:23 a.m.5 views

SUSE CVE-2018-17188

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full...

7.2CVSS7.3AI score0.03228EPSS
Exploits0References4
Rows per page
Query Builder