47 matches found
GHSA-C839-4QXR-J4X3 Incus has an OVN TLS Verification that Accepts Peer-Supplied Roots
Summary Broken TLS validation logic in the OVN database connection logic could allow connections to an attacker's OVN database. OVN uses mTLS for authentication, so the attacker cannot actually perform a full man in the middle attack as they won't be able to authenticated with the real OVN...
CVE-2026-41396 OpenClaw < 2026.3.31 - Environment Variable Override of Plugin Trust Root
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDPLUGINSDIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by overriding the bundled plugin trust root directory...
PT-2026-35780
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description Workspace .env files can override the OPENCLAW BUNDLED PLUGINS DIR environment variable, which compromises the verification of plugin trust. This allows attackers who have control over the...
Duplicate Advisory: OpenClaw: Workspace plugin auto-discovery allowed code execution from cloned repositories
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-99qw-6mr3-36qr. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust...
CVE-2026-32920
OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust verification, allowing arbitrary code execution. Attackers can execute malicious code by including crafted workspace plugins in cloned repositories that execute when users run...
PT-2026-29228
OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenClaw/extensions/ without explicit trust verification, allowing arbitrary code execution. Attackers can execute malicious code by including crafted workspace plugins in cloned repositories that execute when users run...
Apache Airflow 信任管理问题漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. Versions of Apache Airflow from 1.10.0 to 1.12.0 containe...
PYSEC-2026-103
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...
DEBIAN-CVE-2026-28500
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...
UBUNTU-CVE-2026-28500
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...
CVE-2026-28500
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...
CVE-2026-28500
CVE-2026-28500 affects ONNX up to v1.20.1 where onnx.hub.load() bypasses security checks due to flawed repository trust logic. The silent=True flag silences warnings and prompts, enabling a vector for zero-interaction supply-chain attacks. When combined with filesystem vulnerabilities, an attacke...
ONNX 安全漏洞
ONNX Open Neural Network Exchange is an open standard for machine learning interoperability, developed under the ONNX open source framework. Versions of ONNX prior to 1.20.1 contain security vulnerabilities. These vulnerabilities stem from improper logic in the repository trust verification...
Lockbox -- a Zero Trust Architecture for Secure Processing of Sensitive Cloud Workloads
Enterprises increasingly rely on cloud-based applications to process highly sensitive data artifacts. Although cloud adoption improves agility and scalability, it also introduces new security challenges such as expanded attack surfaces, a wider radius of attack from credential compromise, and...
RiteCMS Cross-Site Request Forgery Vulnerability
RiteCMS is an open source content management system based on php and sqlite. RiteCMS has a cross-site request forgery vulnerability, the vulnerability stems from the page creation and editing functions do not adequately verify whether the request comes from a trusted user, an attacker can use thi...
EUVD-2020-0400
Malware in sbrugna...
EUVD-2017-15845
Malware in sbrugna...
CVE-2020-1929
The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...
UBUNTU-CVE-2024-12797
Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...
Kliqqi CMS 安全漏洞
Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of the cross-site request forgery vulnerability , the vulnerability stems from /admin/admineditor.php does not adequately verify whether the request is from a trusted user , an attacker can use this...