Lucene search
K

3900 matches found

NVD
NVD
added 2026/03/27 12:16 a.m.3 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS0.00447EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 12:16 a.m.7 views

UBUNTU-CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/27 12:16 a.m.6 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.3 views

SUSE SLES15 Security Update : systemd (SUSE-SU-2026:1061-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1061-1 advisory. - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111:...

6.7CVSS6AI score0.00142EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.5 views

SUSE SLED15: libsystemd0 / libsystemd0-32bit / libudev1 / libudev1-32bit / etc (SUSE-SU-2026:1040-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1040-1 advisory. - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus...

6.7CVSS5.9AI score0.00142EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is...

9.9CVSS6AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2026/03/26 11:27 p.m.2 views

CVE-2026-33945 Abitrary file write through systemd-creds option

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS6AI score0.00447EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 11:27 p.m.29 views

CVE-2026-33945 Abitrary file write through systemd-creds option

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS0.00447EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 11:27 p.m.4 views

CVE-2026-33945 Abitrary file write through systemd-creds option

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS6AI score0.00447EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:27 p.m.5 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/26 11:27 p.m.16 views

CVE-2026-33945

Incus (system container/VM manager) before version 6.23.0 allows privilege escalation via credentials to systemd in the guest. In containers, credentials are passed through a shared directory; an attacker can set a config key like systemd.credential.../../../../../../root/.bashrc, exploiting that...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/03/26 11:27 p.m.4 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.7AI score0.00447EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32063

OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary system...

7.8CVSS6.1AI score0.01075EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.4 views

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.6 views

CVE-2026-31979

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...

8.8CVSS5.9AI score0.00196EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2026/03/26 10:36 a.m.3 views

Security update for systemd

This update for systemd fixes the following issues: CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. udev: check for invalid chars in various fields...

7.8CVSS5.9AI score0.00142EPSS
Exploits0References10
OSV
OSV
added 2026/03/26 10:35 a.m.3 views

SUSE-SU-2026:1061-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. - udev: check for invalid chars in various...

6.7CVSS5.9AI score0.00142EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/03/26 8:1 a.m.4 views

systemd: Local unprivileged user can trigger an assert

...

5.5CVSS5.8AI score0.00121EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 6:18 a.m.11 views

Malicious code in checkmarx.cx-dev-assist (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b821135a3f6a7e85f6ed37a383363979118ad6c7b73433dd4882e99f24264155 This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 6:18 a.m.15 views

Malicious code in checkmarx.ast-results (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3205937565e6fad63cbece12a8463cd52f3e95c10ac99ab7e62a317e9c18717a This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...

5.9AI score
Exploits0References3
Rows per page
Query Builder