Lucene search
K

17066 matches found

vulnersOsv
vulnersOsv
added 2026/05/04 5:28 p.m.8 views

org.apache.polaris:polaris-extensions-auth-opa-tests (>=1.3.0-incubating <=1.4.0), org.apache.polaris:polaris-runtime-spark-tests (>=1.0.0-incubating <=1.4.0) +3 more potentially affected by CVE-2026-42809 via org.apache.polaris:polaris-runtime-service (>=1.0.0-incubating <=1.4.0)

org.apache.polaris:polaris-runtime-service MAVEN version =1.0.0-incubating, =1.3.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.4.0 Source cves: CVE-2026-42809 Source advisory: SNYK:JAVA-ORGAPACHEPOLARIS-16422853...

9.9CVSS5.8AI score0.00355EPSS
Exploits0
Snyk
Snyk
added 2026/05/04 5:28 p.m.11 views

Missing Authorization

Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...

9.9CVSS6AI score0.00355EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/04 5:26 p.m.8 views

org.apache.polaris:polaris-extensions-auth-opa-tests (>=1.3.0-incubating <=1.4.0), org.apache.polaris:polaris-runtime-spark-tests (>=1.0.0-incubating <=1.4.0) +3 more potentially affected by CVE-2026-42812 via org.apache.polaris:polaris-runtime-service (>=1.0.0-incubating <=1.4.0)

org.apache.polaris:polaris-runtime-service MAVEN version =1.0.0-incubating, =1.3.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.4.0 Source cves: CVE-2026-42812 Source advisory: SNYK:JAVA-ORGAPACHEPOLARIS-16422548...

9.9CVSS5.8AI score0.00364EPSS
Exploits0
Snyk
Snyk
added 2026/05/04 5:26 p.m.10 views

Incorrect Authorization

Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...

9.9CVSS5.8AI score0.00364EPSS
Exploits0References2
Veracode
Veracode
added 2026/05/04 12:12 p.m.11 views

Authentication Bypass

Apache Camel is vulnerable to Authentication Bypass. The vulnerability is due to the authentication handler matching only the exact configured context path, not its subpaths, where unauthenticated requests to subpaths can reach protected business routes and management endpoints without being...

8.2CVSS5.8AI score0.00622EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/04 2:3 a.m.12 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS6.3AI score0.02279EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/04 1:40 a.m.8 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.5CVSS6.3AI score0.02279EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/04 1:37 a.m.9 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.5CVSS6.3AI score0.02279EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.14 views

RHEL 9 : .NET 8.0 (RHSA-2026:13283)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13283 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.4AI score0.02279EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.5 views

RHEL 9 : .NET 9.0 (RHSA-2026:13282)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13282 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.4AI score0.02279EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.6 views

RHCOS 4 : OpenShift Container Platform 4.14.29 (RHSA-2024:3700)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3700 advisory. - cri-o: malicious container can create symlink on host CVE-2024-5154 Note that Nessus has not tested for this issue but has instead relied...

8.1CVSS7.3AI score0.01237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.6 views

RHEL 10 : .NET 9.0 (RHSA-2026:13280)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13280 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.4AI score0.02279EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.7 views

RHCOS 4 : OpenShift Container Platform 4.12.60 (RHSA-2024:4008)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4008 advisory. - cri-o: malicious container can create symlink on host CVE-2024-5154 Note that Nessus has not tested for this issue but has instead relied...

8.1CVSS5.8AI score0.01237EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/05/03 12:31 a.m.4 views

arbor-ai (>=0.1.5 <=0.1.14), coreason-runtime (>=0.1.0 <=0.31.0) +10 more potentially affected by CVE-2026-7669 via sglang (>=0.4.5 <=0.5.2)

sglang PYPI version =0.4.5, =0.1.5, =0.1.0, =1.1.0, =2.0.0b40, =0.0.1, =0.1.0, =0.1.0, =0.0.1.post1, =0.0.0, =0.8.0, =0.10.7 Source cves: CVE-2026-7669 Source advisory: OSV:GHSA-6M5F-673F-5VH7...

6.3CVSS6AI score0.00368EPSS
Exploits0
OSV
OSV
added 2026/05/02 8:0 a.m.7 views

MAL-2026-3287 Malicious code in ams-ssk (npm)

Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 31 published versions 1.0.0 through 1.0.33 are malicious. Pairs with common-tg-service, which performs the client-side Telegram account takeover. ams-ssk is the...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/01 9:48 p.m.6 views

CVE-2026-31741

A flaw was found in the Linux kernel's rz-mtu3-cnt counter module. A local user can exploit this by repeatedly writing '0' to the sysfs enable file, which causes the runtime Power Management PM usage count to underflow. This can lead to attempts to access hardware registers with their clocks off,...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 3:16 p.m.4 views

CVE-2026-43015

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...

7.8CVSS0.00126EPSS
Exploits0References8
NVD
NVD
added 2026/05/01 3:16 p.m.4 views

CVE-2026-31740

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rzmtu3channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter drive...

5.5CVSS0.00122EPSS
Exploits0References5
NVD
NVD
added 2026/05/01 3:16 p.m.5 views

CVE-2026-31741

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: prevent counter from being toggled multiple times Runtime PM counter is incremented / decremented each time the sysfs enable file is written to. If user writes 0 to the sysfs enable file multiple times,...

5.5CVSS0.00122EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/01 2:15 p.m.8 views

EUVD-2026-26614

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...

5.8AI score0.00126EPSS
Exploits0References8
Rows per page
Query Builder