Lucene search
K

31 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: This vulnerability prevents a wraparound in the schema length during the trace fill operation. The ioam6fillTraceData function stores the schema contribution to the trace length in an u8 type variable. When bit 2...

9.8CVSS6.1AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:5 p.m.21 views

CVE-2026-53862

OpenClaw prior to 2026.5.12 is affected by a bootstrap token replay vulnerability that allows callers with pending token access to reuse tokens for broader scopes, potentially escalating pairing authority before approval. The issue is described in the CVE as allowing bootstrap tokens to be replay...

5.4CVSS5.3AI score0.00088EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:34 a.m.7 views

CVE-2026-45254

In the case of the capnet service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.4 views

PT-2026-36415

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap buffer overflow occurs in the wilc1000 WiFi driver due to an integer overflow in the SSID scan buffer size calculation. The variable valuesize is declared as a u8 an 8-bit unsigne...

7.8CVSS5.7AI score0.00143EPSS
Exploits0References19
CVE
CVE
added 2026/04/28 6:9 p.m.9 views

CVE-2026-41380

OpenClaw vulnerable before 2026.3.28 via exec-approvals-allowlist.ts: an execution-approval weakness lets one-time allow-always entries persistently trust wrapper carrier executables routed through dispatch wrappers, broadening the allowlist and weakening execution boundaries. CVSS 3.1/4.0 indica...

7.3CVSS5.5AI score0.00124EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/27 10:29 p.m.11 views

GHSA-FQW4-MPH7-2VR8 OpenClaw: Silent privilege escalation via gateway shared-auth reconnect

Summary Gateway local shared-auth reconnect silently widens paired device scope from operator.read to operator.admin and reach node RCE Affected Packages / Versions - Package: openclaw - Affected versions: = 2026.3.24 - First patched version: 2026.3.25 - Latest published npm version at verificati...

9.4CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4565 Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/26 10:49 p.m.4 views

EUVD-2026-8795

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations...

4.9CVSS5.3AI score0.00352EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/26 10:49 p.m.7 views

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations

This report shows a scope-widening issue in the rotate re-encrypt flow: the output scope can be derived from untrusted spec.template.metadata.annotations on the input sealed secret. If a victim sealed secret is strict- or namespace-scoped, an attacker who can submit it to the rotate endpoint can...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/26 9:30 a.m.6 views

BIT-SEALED-SECRETS-2026-22728 Bitnami Sealed Secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS5.7AI score0.00352EPSS
Exploits0References2
CVE
CVE
added 2026/02/26 12:50 a.m.31 views

CVE-2026-22728

CVE-2026-22728 concerns Bitnami Sealed Secrets during the secret rotation flow (/v1/rotate). The rotation process derives the new sealing scope from input SealedSecret metadata, and untrusted annotations in the template can widen the scope to cluster-wide (sealedsecrets.bitnami.com/cluster-wide=t...

4.9CVSS5.5AI score0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/26 12:50 a.m.5 views

CVE-2026-22728 sealed-secrets /v1/rotate can widen sealing scope to cluster-wide via attacker-controlled template annotations

Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation /v1/rotate flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim...

4.9CVSS6AI score0.00352EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.4 views

CVE-2025-68736

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that...

5.8AI score0.00171EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/24 12:9 p.m.29 views

CVE-2025-68736 landlock: Fix handling of disconnected directories

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that...

0.00171EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-68736

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have bee...

5.9AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2025/06/18 10:15 a.m.2 views

UBUNTU-CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, causing NULL pointer dereferences and triggering a kernel Oops...

5.5CVSS6.2AI score0.00154EPSS
Exploits0References13
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

UBUNTU-CVE-2023-53032

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is subject to overflow due to ...

5.5CVSS6.1AI score0.00191EPSS
Exploits0References10
OSV
OSV
added 2025/02/27 3:15 a.m.1 views

DEBIAN-CVE-2025-21736

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfsfiemap Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by being prepared to go through potentially maxblocks == INTMAX blocks, the value in n may experience an overflow...

5.5CVSS5.7AI score0.00216EPSS
Exploits0References1
OSV
OSV
added 2025/02/27 3:15 a.m.4 views

AZL-57832 CVE-2025-21736 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfsfiemap Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by being prepared to go through potentially maxblocks == INTMAX blocks, the value in n may experience an overflow...

5.5CVSS5.7AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2024/05/30 4:15 p.m.26 views

CVE-2024-36948

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

5.5CVSS6.8AI score0.0018EPSS
Exploits0References2
Rows per page
Query Builder