Lucene search
K

1142 matches found

Cvelist
Cvelist
added 2026/06/25 8:39 a.m.31 views

CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

0.00122EPSS
Exploits0References8
CVE
CVE
added 2026/06/19 3:51 p.m.18 views

CVE-2017-20262

CVE-2017-20262 affects the Joomla! extension Ajax Quiz (version 1.8). The vulnerability is an SQL injection in the cid parameter, exploitable via GET requests to index.php with option=com_ajaxquiz and view=ajaxquiz. An unauthenticated attacker can execute arbitrary SQL and retrieve sensitive data...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 3:51 p.m.37 views

CVE-2017-20262 Joomla! Component Ajax Quiz 1.8 SQL Injection

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. Attackers can send GET requests to index.php with the option=comajaxquiz and view=ajaxquiz paramete...

8.8CVSS0.00334EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 3:51 p.m.6 views

EUVD-2017-18989

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. Attackers can send GET requests to index.php with the option=comajaxquiz and view=ajaxquiz paramete...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, from drivers/block/nbd.c up to version 5.10.12, there is a use-after-free in the nbdaddsocket function. This issue could be triggered by local attackers who have access to the nbd device. The attack occurs during I/O requests at a certain point in device setup, specifically...

7CVSS6.6AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

The vgacon subsystem in the Linux kernel before version 5.8.10 mishandles software scrollback operations. There is an out-of-bounds read in vgaconscrolldelta, also known as CID-973c096f6a85...

5.9CVSS6.7AI score0.00519EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel, specifically with versions up to 5.9.1, when used with Xen in versions up to 4.14.x. Users of guest operating systems may experience a denial of service where the host operating system hangs due to a high rate of events affecting dom0, also known as...

5.5CVSS6.5AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50939

Name of the Vulnerable Software and Affected Versions Joomla! Component Ajax Quiz version 1.8 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the cid parameter. Attackers can send GET requests to...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/06/15 8:44 p.m.14 views

Netty: QUIC stateless reset token material exposed through header-visible connection IDs

Summary Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server's current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers...

4.8CVSS5.4AI score0.00204EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/30 4:17 p.m.25 views

CVE-2018-25425

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.20 views

CVE-2018-25425

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.12 views

CVE-2018-25425 Yot CMS 3.3.1 SQL Injection via aid and cid Parameters

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/30 2:55 p.m.34 views

CVE-2018-25425 Yot CMS 3.3.1 SQL Injection via aid and cid Parameters

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.14 views

EUVD-2018-21947

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/05/30 2:55 p.m.22 views

CVE-2018-25425

Technical details about CVE-2018-25425 are not publicly available in the provided documents. Monitor for updates.

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/30 2:55 p.m.36 views

CVE-2018-25406 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25407 eNdonesia Portal 8.7 SQL Injection via mod.php

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 2:55 p.m.8 views

CVE-2018-25407

eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/30 2:55 p.m.20 views

CVE-2018-25407

CVE-2018-25407 affects eNdonesia Portal 8.7, where multiple SQL injection flaws in mod.php allow unauthenticated attackers to execute arbitrary SQL via parameters such as artid, cid, did, contid, and aboutid across the publisher, diskusi, galeri, content, and about modules. The issue can be used ...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/05/30 2:55 p.m.22 views

CVE-2018-25406

CVE-2018-25406 affects the eNdonesia Portal 8.7, where multiple SQL injection vulnerabilities allow unauthenticated attackers to run arbitrary SQL queries via mod.php. The attacker can inject SQL through parameters artid, cid, did, contid, and aboutid across modules including publisher, diskusi, ...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder