Lucene search
K

2459 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sfc: Fixed the TX channel offset when using legacy interrupts. In the legacy interrupt mode, the txchanneloffset was hardcoded to 1, but this is incorrect if efxsepparatetxChannels is set to false. In that case, the offset is 0...

5.5CVSS5.3AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to the names of surround channels in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on...

5.5CVSS6AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: sfc: fixed the issue where all channels had TX queues. Normally, all channels have both RX and TX queues. However, this is not true when modparam efxseparatetxchannels=1 is used. In such cases, some channels only have RX queue...

5.5CVSS5.9AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

Side-channel information leakage in keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5CVSS6.8AI score0.00622EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iio: accel: sca3300: fixed uninitialized iio scan data Fixed the potential leakage of uninitialized stack data into the user space by ensuring that the channels array is cleared before use...

5.5CVSS6AI score0.00128EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 1:1 p.m.6 views

GHSA-29JH-8CFQ-RR8X ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

2.3CVSS6.2AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/18 1:1 p.m.8 views

ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

6.1AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50740

Name of the Vulnerable Software and Affected Versions Zitadel versions 4.0.0 through 4.15.1 Zitadel versions 3.0.0 through 3.4.11 Description A Server-Side Request Forgery SSRF issue exists in components that handle outgoing HTTP requests, specifically HTTP Notification Channels, OIDC BackChannel...

2.3CVSS6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49771

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description An issue in internal and webchat command authentication allows senders to inherit wildcard ownerAllowFrom state across channel boundaries. This enables attackers to send commands on affected...

6.5CVSS5.5AI score0.00245EPSS
Exploits0References5
NVD
NVD
added 2026/06/12 9:16 p.m.11 views

CVE-2026-44786

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus...

7.5CVSS0.00259EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:22 p.m.23 views

CVE-2026-44786

CVE-2026-44786 affects Discourse: versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1 allow chat events from public category channels to be published to MessageBus without proper permission scoping, enabling any MessageBus subscr...

7.5CVSS5.3AI score0.00259EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/12 8:22 p.m.31 views

CVE-2026-44786 Discourse: Public chat MessageBus broadcasts are not restricted to chat-eligible users

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus...

7.5CVSS0.00259EPSS
Exploits0References1
Circl
Circl
added 2026/06/12 11:0 a.m.7 views

CVE-2026-53646

creationtimestamp| type| source ---|---|--- 2026-06-12 11:00:12+00:00| published-proof-of-concept| Telegram/YXCyRYfB5puG4zVuSsqFt0CqpucG34vnwOdsG1DKfw8sOUE 2026-06-12 15:00:07+00:00| published-proof-of-concept| Telegram/ycLXaxSGB-ldONYQWC7S6J3lanIcH0nsjxJAaBzeM5ug0Y...

5.8AI score0.00041EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48983

Name of the Vulnerable Software and Affected Versions Discourse versions 2026.1.0 through 2026.1.3 Discourse versions 2026.3.0 Discourse versions 2026.4.0 Description Chat events for public category channels are published to the MessageBus without permission scoping. This allows any MessageBus...

7.5CVSS5.3AI score0.00259EPSS
Exploits0References6
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2026-47176

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...

5.7CVSS0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 6:29 p.m.10 views

EUVD-2026-36276

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...

5.7CVSS5.3AI score0.00251EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 6:29 p.m.74 views

CVE-2026-47176

CVE-2026-47176 affects the Quest Bot (open-source Discord bot) prior to version 1.0.4. The vulnerability arises in the logging module: a user who can configure bot settings can enable logging and select a logging channel they can read, which allows the bot to log deleted and edited message conten...

5.7CVSS5.4AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:29 p.m.8 views

CVE-2026-47176 Quest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channel

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...

5.7CVSS5.3AI score0.00251EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 12:51 a.m.16 views

CLEANSTART-2026-WA48911 authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users

Multiple security vulnerabilities affect the percona-server-mongodb-operator package. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. See...

9.8CVSS5.5AI score0.01027EPSS
Exploits2References61
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

Quest Bot 信息泄露漏洞

Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.4 contained an information leakage vulnerability. This vulnerability stemmed from the logging feature not restricting channel access, allowing configured users to...

5.7CVSS5.3AI score0.00251EPSS
Exploits0References1
Rows per page
Query Builder