Lucene search
K

1042 matches found

RedHat Linux
RedHat Linux
added 6 days ago12 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update

Red Hat Edge Manager Version 1.0.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS7.1AI score0.01557EPSS
Exploits3References26
RedHat Linux
RedHat Linux
added 6 days ago14 views

Important: Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update

Red Hat Edge Manager Version 1.0.3 Security Update Red Hat Edge Manager RHEM provides simple, scalable, and security-focused management of edge devices and applications. It supports image-mode RHEL and container workloads that run on Podman/Docker or Kubernetes. RHEM is now available as a...

10CVSS6.9AI score0.01735EPSS
Exploits7References28
NVD
NVD
added 2026/07/06 9:16 a.m.10 views

CVE-2026-1433

uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...

4.8CVSS0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:12 a.m.30 views

CVE-2026-1433 uniFLOW Universal Login Manager (ULM) Standalone Improper Protection of Sensitive Information Leads to Information Disclosure

uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...

4.8CVSS0.00217EPSS
Exploits0References2
Fedora
Fedora
added 2026/07/02 1:12 a.m.11 views

[SECURITY] Fedora 43 Update: thunderbird-152.0-2.fc43

Mozilla Thunderbird is a standalone mail and newsgroup client...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/07/01 11:42 a.m.7 views

EUVD-2026-40947

@fastify/middie versions 9.1.0 through 9.3.2 fail to guard the URL normalization step used by the standalone engine when incoming request paths contain malformed percent-encoded sequences. Inputs such as an incomplete percent escape or a truncated multibyte sequence cause the underlying decoder t...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 11:42 a.m.20 views

CVE-2026-14181

CVE-2026-14181 affects @fastify/middie versions 9.1.0 through 9.3.2, where the URL normalization step in the standalone engine fails to sanitize malformed percent‑encoded sequences. Inputs such as incomplete escapes or truncated multibyte sequences cause the underlying decoder to throw synchronou...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.10 views

PT-2026-54638

Name of the Vulnerable Software and Affected Versions @fastify/middie versions 9.1.0 through 9.3.2 Description An issue exists in the standalone engine's URL normalization and decoding process where malformed percent-encoded sequences in incoming request paths are not properly guarded...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.8 views

CVE-2026-0411 A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites

An information disclosure vulnerability in the NETGEAR Orbi satellites RBR/RBE/RBS Series could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affected by this vulnerability. Orbi WiFi Systems without satellite devices are not...

7.2CVSS5.3AI score0.00278EPSS
Exploits0References6
Fedora
Fedora
added 2026/06/03 1:18 a.m.14 views

[SECURITY] Fedora 43 Update: python-wsgidav-4.3.4-1.fc43

A generic and extendable WebDAV server written in Python and based on WSGI. Main features: =E2=80=A2 WsgiDAV is a stand-alone WebDAV server with SSL support, that can be installed and run as Python command line script. =E2=80=A2 The python-pam library is needed as extra requirement if pam-login...

5.8AI score0.00072EPSS
Exploits0
OSV
OSV
added 2026/05/29 6:23 p.m.11 views

GHSA-HFC8-W5F4-3X6M Ironic Standalone Operator's controller modifies user-owned resources without consent

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...

4.3CVSS5.8AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/29 6:23 p.m.18 views

Ironic Standalone Operator's controller modifies user-owned resources without consent

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...

5.8AI score
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/29 6:22 p.m.20 views

GHSA-7CWM-FPFH-RRCH Ironic Standalone Operator's prometheus metrics exporter bound to all interfaces

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

4.3CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.12 views

PT-2026-47571

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. IRSO controller automatically adds its environment label to user-provided Secrets and ConfigMaps without the resource owner's consent. A high-privilege controller modifying user-owned resources...

4.3CVSS5.5AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.23 views

PT-2026-47556

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

4.3CVSS5.5AI score
Exploits0References4
Snyk
Snyk
added 2026/05/25 7:9 a.m.15 views

Malicious Package

Overview standalone-apps is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fix for crashes occurring when sending Action Frames in standalone AP Mode Currently, whenever an Action Frame needs to be transmitted, the brcmfmac driver always uses the P2P vif to send the “actframe” IOVAR to...

6.1AI score0.00175EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – A memory leak was avoided when enabling statistics. The driver uses monitor destination rings for both extended statistics mode and standalone monitor mode. In extended statistics mode, TLVs are parsed from the...

5.5CVSS6.2AI score0.0013EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2026/05/12 12:0 a.m.61 views

May 12, 2026-KB5087077 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 (build 28000) and later

None None...

7.3CVSS7AI score0.00662EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/11 9:43 a.m.135 views

POC

POC RBKD-SEC: Team-based PoC for vulnerability verification...

9.8CVSS5.8AI score0.00901EPSS
Exploits5
Rows per page
Query Builder