Monthly
Detection bypass in picklescan versions prior to 0.0.27 allows attackers to smuggle malicious Python pickle files past the scanner by exploiting an off-by-one parsing error in STACK_GLOBAL opcode handling. The flaw, reported by VulnCheck and tracked under GHSA-9gvj-pp9x-gcfr, lets crafted pickles trigger an unexpected exception in _list_globals so dangerous imports such as os.system go unflagged; a working PoC is published in the advisory and a vendor patch is available, though no public exploitation against deployments has been observed.
Unchecked Error Condition vulnerability in Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Envoy is a cloud-native, open source edge and service proxy. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A flaw was found in samba's DNS server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An error-handling flaw was found in python-ecdsa before version 0.13.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary. Rated high severity (CVSS 7.0). No vendor patch available.
Detection bypass in picklescan versions prior to 0.0.27 allows attackers to smuggle malicious Python pickle files past the scanner by exploiting an off-by-one parsing error in STACK_GLOBAL opcode handling. The flaw, reported by VulnCheck and tracked under GHSA-9gvj-pp9x-gcfr, lets crafted pickles trigger an unexpected exception in _list_globals so dangerous imports such as os.system go unflagged; a working PoC is published in the advisory and a vendor patch is available, though no public exploitation against deployments has been observed.
Unchecked Error Condition vulnerability in Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Envoy is a cloud-native, open source edge and service proxy. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A flaw was found in samba's DNS server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An error-handling flaw was found in python-ecdsa before version 0.13.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary. Rated high severity (CVSS 7.0). No vendor patch available.