CVE-2026-0204

creationtimestamp| type| source ---|---|--- 2026-04-29 19:01:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mknrwybg7h2w 2026-04-29 19:18:21+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mknsuzqutq2t 2026-04-30 06:01:26+00:00| seen|...

CVE-2026-39958

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...

CVE-2026-39958 oma-topic: name Field in Topic Manifests (topic.json) May Allow CRLF Injection

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...

CVE-2025-2572

creationtimestamp| type| source ---|---|--- 2025-04-14 16:40:17+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114337304886684246 2025-04-14 16:53:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11655 2025-04-14 18:51:18+00:00| seen| https://t.me/cvedetector/22862 2025-04-15...

CVE-2025-3069

creationtimestamp| type| source ---|---|--- 2025-04-02 03:01:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llsfiz3qxk2e 2025-04-02 04:06:56+00:00| seen| https://t.me/cvedetector/21830 2025-04-03 13:34:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10198 2025-04-03...

CVE-2025-1413

creationtimestamp| type| source ---|---|--- 2025-02-28 09:27:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5851 2025-02-28 09:43:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lja4meodgz2w 2025-02-28 10:00:46+00:00| seen|...

CVE-2024-13406

creationtimestamp| type| source ---|---|--- 2025-01-22 07:15:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgct3tc6a62c 2025-01-22 07:49:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lgcuxpwuow2i 2025-01-22 08:02:08+00:00|...

CVE-2024-56242

creationtimestamp| type| source ---|---|--- 2025-01-02 12:20:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2slryjr2o 2025-01-02 19:53:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113760509126694174...

CVE-2022-0185

creationtimestamp| type| source ---|---|--- 2022-01-22 00:20:08+00:00| published-proof-of-concept| Telegram/cZHRCQIb7mVwEwPgUhRmgGXZDJpWRWiHGP56BhZb73fOTWD 2022-01-23 17:17:15+00:00| published-proof-of-concept| https://t.me/NeKaspersky/1716 2022-01-24 07:36:35+00:00| published-proof-of-concept|...

DEBIAN-CVE-2014-4659

Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...

PYSEC-2020-201

Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...

DEBIAN-CVE-2014-4660

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb...

UBUNTU-CVE-2014-4660

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb...

PYSEC-2020-202

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb...

PYSEC-2020-202

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb...

CVE-2016-4656

creationtimestamp| type| source ---|---|--- 2016-08-25 20:59:54+00:00| seen| MISP/57bf5c07-6b40-428e-8f68-4a9a02de0b81 2016-08-26 09:58:41+00:00| seen| MISP/57c0123c-d100-43a8-b874-54a8bce2ab96 2018-06-04 23:30:25+00:00| seen|...

Path traversal

Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sourceslist argument, related to the D-Bus interface...