Lucene search
K

116488 matches found

RedHat Linux
RedHat Linux
added 1 hour ago3 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.47 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.47 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

7.8CVSS0.00353EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 1 hour ago3 views

Important: Red Hat Security Advisory: oci-seccomp-bpf-hook security update

An update for oci-seccomp-bpf-hook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS0.00813EPSS
Exploits0References2
NVD
NVD
added 4 hours ago4 views

CVE-2026-14495

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS
Exploits0References5
The Hacker News
The Hacker News
added 4 hours ago8 views

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

Researchers at Nebula Security have disclosed GhostLock CVE-2026-43499, a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched. The vulnerable code has shipped by default in essentially every mainstream distribution since 2011. T...

7.8CVSS6AI score0.00125EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 5 hours ago3 views

CVE-2026-14495

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References6
CVE
CVE
added 5 hours ago9 views

CVE-2026-14495

CVE-2026-14495 affects DoLogin Security for WordPress up to version 4.3. The issue is an authentication bypass caused by insufficient randomness in the dologin token: the PRNG is seeded with mt_srand((double) microtime() * 1000000), discarding the integer-seconds and giving ~10^6 seeds (~20 bits ...

8.8CVSS5.9AI score
Exploits0References5
Cvelist
Cvelist
added 5 hours ago11 views

CVE-2026-14495 DoLogin Security <= 4.3 - Unauthenticated Authentication Bypass via Insufficient Randomness via 'dologin' Parameter Weak PRNG Token

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS
Exploits0References5
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-42167

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologin\s::rrand seeds the Mersenne Twister with mtsranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References5
NVD
NVD
added 5 hours ago5 views

CVE-2026-14158

The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widgetlogicvisualcheckvisibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX action...

8.8CVSS
Exploits0References4
Cvelist
Cvelist
added 6 hours ago10 views

CVE-2026-14158 Widget Logic Visual <= 1.52 - Authenticated (Subscriber+) Remote Code Execution via 'nwlv[cod-tag]' Parameter

The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widgetlogicvisualcheckvisibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX action...

8.8CVSS
Exploits0References4
CVE
CVE
added 6 hours ago12 views

CVE-2026-14158

The Widget Logic Visual plugin for WordPress is affected by a Remote Code Execution vulnerability in all versions up to 1.52. The issue arises in the widget_logic_visual_check_visibility flow and the widget-logic-update-conditional-tags AJAX action due to missing capability check and nonce verifi...

8.8CVSS6.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 6 hours ago2 views

CVE-2026-14158

The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widgetlogicvisualcheckvisibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX action...

8.8CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added 6 hours ago5 views

EUVD-2026-42161

The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widgetlogicvisualcheckvisibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX action...

8.8CVSS6.3AI score
Exploits0References4
GithubExploit
GithubExploit
added 6 hours ago21 views

Exploit for Unrestricted Upload of File with Dangerous Type in Joomlack Page_Builder_Ck

CVE-2026-56290 - Compagebuilderck Mass Exploit ⚠️ Disclai...

10CVSS6.1AI score0.00356EPSS
Exploits3
Fedora
Fedora
added 9 hours ago3 views

[SECURITY] Fedora 44 Update: docker-compose-5.3.0-1.fc44

Define and run multi-container applications with Docker...

9.6CVSS5.9AI score0.00412EPSS
Exploits0
Positive Technologies
Positive Technologies
added 10 hours ago8 views

PT-2026-56322

The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because dologins::rrand seeds the Mersenne Twister with mt sranddouble microtime 1000000 — discarding the integer-second...

8.8CVSS5.9AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 10 hours ago7 views

PT-2026-56310

The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widget logic visual check visibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX...

8.8CVSS6.3AI score
Exploits0References5
Amazon
Amazon
added 10 hours ago2 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00904EPSS
Exploits0
Amazon
Amazon
added 10 hours ago3 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00904EPSS
Exploits0
Amazon
Amazon
added 10 hours ago2 views

Important: ecs-init

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt ...

9.6CVSS7AI score0.00904EPSS
Exploits0
Rows per page
Query Builder