Lucene search
K

421 matches found

NVD
NVD
added 2026/03/25 11:16 a.m.5 views

CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/03/25 11:16 a.m.6 views

UBUNTU-CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.5CVSS5.6AI score0.00128EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23356 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.1 views

CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.4AI score0.00128EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23356 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References9
CVE
CVE
added 2026/03/25 10:27 a.m.11 views

CVE-2026-23356

The CVE-2026-23356 issue affects the Linux kernel DRBD subsystem. A logic bug in drbd_al_begin_io_nonblock() could mis-handle a reference-counted extent when lc_get_cumulative() and lc_try_lock() timing collided, risking a crash or incorrect assumption that an activity log extent is active during...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.6 views

PT-2026-25209

Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through = 1.1.3...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.5 views

CVE-2026-25331

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

6.5CVSS5.5AI score0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.5 views

CVE-2026-25331

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

6.5CVSS0.00156EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.7 views

CVE-2026-25331

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

5.5AI score0.00156EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.3 views

CVE-2026-25331 WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.11 views

CVE-2026-25331

CVE-2026-25331 describes a DOM-based XSS in the WordPress plugin WP Activity Log (Melapress WP Activity Log) through improper input neutralization during web page generation. Affected range is WP Activity Log versions up to and including 5.5.4. The advisory notes this is a cross-site scripting vu...

6.5CVSS5.4AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.34 views

CVE-2026-25331 WordPress WP Activity Log plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

6.5CVSS0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

WordPress plugin WP Activity Log 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.5 views

PT-2026-20699

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through = 5.5.4...

5.5AI score0.00156EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/17 7:55 a.m.6 views

WordPress Super Page Cache plugin <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability

Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability discovered by shark3y in WordPress Plugin Super Page Cache for Cloudflare versions = 5.2.2...

7.2CVSS5.4AI score0.0019EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/15 1:28 p.m.6 views

CVE-2026-1843

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

7.2CVSS5.7AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/02/14 9:16 a.m.6 views

CVE-2026-1843

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

7.2CVSS0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/14 8:26 a.m.27 views

CVE-2026-1843 Super Page Cache <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

7.2CVSS0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/14 8:26 a.m.4 views

CVE-2026-1843

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

7.2CVSS5.7AI score0.0019EPSS
Exploits0References3
Rows per page
Query Builder