14 matches found

RedHat Linux
added 2 days ago, 5 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

CVSS 10 | AI score 7.8 | EPSS 0.0168
Exploits: 0 | References: 3

Tenable Nessus
added 2026/06/06 12:0 a.m., 6 views

RHEL 9 : flatpak (RHSA-2026:23419)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23419 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

CVSS 10 | AI score 8.3 | EPSS 0.0168
Exploits: 0 | References: 6

RedHat Linux
added 2026/06/04 6:40 p.m., 7 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

CVSS 10 | AI score 7.7 | EPSS 0.0168
Exploits: 0 | References: 5

RedHat Linux
added 2026/06/04 6:33 p.m., 8 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 10 | AI score 7.6 | EPSS 0.0168
Exploits: 0 | References: 3

RedHat Linux
added 2026/05/28 6:2 p.m., 15 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 10 | AI score 7.6 | EPSS 0.0168
Exploits: 0 | References: 3

RedHat Linux
added 2026/05/28 5:41 p.m., 12 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

CVSS 10 | AI score 7.7 | EPSS 0.0168
Exploits: 0 | References: 5

CNNVD
added 2026/05/08 12:0 a.m., 10 views

FastGPT access control error vulnerability

FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. In versions 4.14.10 to 4.14.13 of FastGPT, there was an access control vulnerability. This vulnerability stemmed from the agent-sandbox component’s startup script using the...

CVSS 9.8 | AI score 5.8 | EPSS 0.00718
Exploits: 0 | References: 2

CVE
added 2026/04/08 9:20 p.m., 14 views

CVE-2026-5873

CVE-2026-5873 affects Google Chrome (Chromium-based) through the V8 engine, with an out-of-bounds read/write that could allow a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. Multiple connected sources confirm the vulnerability and its association wit...

CVSS 8.8 | AI score 6.3 | EPSS 0.00379
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2026/04/07 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-34078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can ...

CVSS 10 | AI score 7.6 | EPSS 0.0168
Exploits: 0 | References: 4

OSV
added 2026/02/11 2:23 p.m., 3 views

GHSA-PQQF-7HXM-RJ5R Leaky JWTs in OpenMetadata exposing highly-privileged bot users

Summary Calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services Glue / Redshift / Postgres Details Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes...

CVSS 7.6 | AI score 5.5 | EPSS 0.00331
Exploits: 1 | References: 4

NVD
added 2026/02/09 9:16 a.m., 16 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | EPSS 0.00165
Exploits: 0 | References: 1

OSV
added 2019/02/12 11:29 p.m., 1 views

UBUNTU-CVE-2019-8308

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file...

CVSS 8.2 | AI score 7.1 | EPSS 0.00466
Exploits: 0 | References: 5

OSV
added 2018/06/11 9:29 p.m., 2 views

CVE-2018-5118

The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the...

CVSS 5.3 | AI score 7.3 | EPSS 0.01578
Exploits: 0 | References: 5

RedHat Linux
added 2017/10/23 7:44 a.m., 5 views

OpenJDK: unbounded resource use in JceKeyStore deserialization (Serialization, 8181370)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated...

CVSS 3.1 | AI score 7.3 | EPSS 0.02442
Exploits: 0 | References: 4