Lucene search
K

1423 matches found

Snyk
Snyk
added 2026/05/04 8:11 p.m.6 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...

8.6CVSS5.8AI score0.00424EPSS
Exploits2References2
Snyk
Snyk
added 2026/05/04 8:11 p.m.11 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the JoinWorkflowSpec process. An attacker can gain unauthorized access to host networking, override service account assignments, modify pod security contexts, add tolerations, or enable service account token...

8.6CVSS5.8AI score0.00424EPSS
Exploits2References2
OSV
OSV
added 2026/05/04 8:11 p.m.5 views

GHSA-3775-99MW-8RP4 Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure

The fix for CVE-2026-31892 commit 534f4ff blocks podSpecPatch when templateReferencing: Strict is active, but doesn't restrict other WorkflowSpec fields that flow through the same merge path and get applied to pods. A user can set hostNetwork: true, override serviceAccountName, or change...

8.1CVSS5.8AI score0.00424EPSS
Exploits2References8
Github Security Blog
Github Security Blog
added 2026/05/04 8:11 p.m.10 views

Argo has incomplete fix for CVE-2026-31892: hostNetwork, securityContext, serviceAccountName bypass templateReferencing Strict/Secure

The fix for CVE-2026-31892 commit 534f4ff blocks podSpecPatch when templateReferencing: Strict is active, but doesn't restrict other WorkflowSpec fields that flow through the same merge path and get applied to pods. A user can set hostNetwork: true, override serviceAccountName, or change...

9.9CVSS7.3AI score0.00424EPSS
Exploits2References8Affected Software2
Veracode
Veracode
added 2026/05/04 8:36 a.m.12 views

Authentication Bypass

Spring gRPC is vulnerable to Authentication Bypass. The vulnerability is due to improper clearing of the authenticated security context on gRPC worker threads, where a previously authenticated identity may persist after an access denial and be reused by a subsequent request, potentially leading t...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.12 views

PT-2026-37194

Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to 3.7.14 Argo Workflows versions prior to 4.0.5 Description A user with create Workflow permission can bypass the templateReferencing: Strict and Secure restrictions. This occurs because the system only blocks th...

8.1CVSS5.8AI score0.00424EPSS
Exploits2References15
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.14 views

SUSE CVE-2026-31717

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows any authenticated user to...

8.8CVSS5.8AI score0.00437EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.11 views

PT-2026-36347

Name of the Vulnerable Software and Affected Versions Linux kernel ksmbd affected versions not specified Description The ksmbd SMB server fails to verify if the user attempting to reconnect to a durable handle is the same user who originally opened the file. This allows an authenticated user to...

9.8CVSS5.8AI score0.93235EPSS
Exploits34References291
CVE
CVE
added 2026/04/28 1:42 p.m.28 views

CVE-2026-40968

CVE-2026-40968 affects Spring gRPC 1.0.0–1.0.2 (fixed in 1.0.3; older/unsupported versions also affected). The issue: when an authenticated user is denied access to a gRPC method, the user’s authenticated identity remains bound to a gRPC worker thread and can be inherited by a subsequent unauthen...

8.8CVSS5.2AI score0.00171EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/04/28 12:0 a.m.5 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0
EUVD
EUVD
added 2026/04/28 12:0 a.m.8 views

EUVD-2026-25981

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.4AI score0.00461EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/28 12:0 a.m.7 views

EUVD-2026-25993

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

5.9CVSS5.6AI score0.0046EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/28 12:0 a.m.6 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper isolation of the SecurityContext. When an authenticated user experiences an authorization failure, their security context is not properly cleared from the underlying gRPC worker...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/27 3:30 p.m.8 views

Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: from 2.6.3 to 2.8.6 Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

4.8CVSS5.8AI score0.00193EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:8 p.m.5 views

CVE-2026-35361

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::removedir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind wi...

3.4CVSS5.8AI score0.00142EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.9 views

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability arises from the process of creating device nodes using mknod and setting SELinux contexts. As a result, nodes with incorrect markings may b...

4.4CVSS5.8AI score0.00142EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/08 6:34 p.m.4 views

EUVD-2026-20503

OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has supported integrity NIA1 and NIA2. But if an UE sends initial registration request with only security capability IA0, OpenAirInterface accepts and proceeds. This downgrade security context c...

5.9AI score0.00252EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/30 11:24 p.m.5 views

CVE-2026-33995

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a double-free vulnerability in the Kerberos security context functions, specifically kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA, within the WinPR library...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/03/30 9:43 p.m.3 views

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

5.3CVSS4.7AI score0.00282EPSS
Exploits0
Rows per page
Query Builder