Lucene search
K

61323 matches found

CVE
CVE
added 2026/06/16 6:51 p.m.13 views

CVE-2026-0144

The CVE-2026-0144 issue is described as a memory safety flaw in writeAocCommand of AocAudioCodec.cpp caused by a missing bounds check, potentially enabling remote denial of service without user interaction. Exploitation details, affected products/versions, and remediation are not provided in the ...

6.5CVSS5.7AI score0.00253EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.20 views

CVE-2026-0141

In decodeAppPacket of RtcpAppPacket.cpp, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.002EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.13 views

CVE-2026-0141

CVE-2026-0141 describes a likely out-of-bounds read in decodeAppPacket of RtcpAppPacket.cpp caused by a missing bounds check. The vulnerability enables a remote information disclosure without requiring additional execution privileges and without user interaction. Public references in the provided...

4.3CVSS5.7AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0139

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00277EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.12 views

CVE-2026-0139

CVE-2026-0139 affects the Modem with an out-of-bounds write caused by a missing bounds check, enabling remote code execution without privileges or user interaction. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). The Android Pixel bulletin and related ...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/16 6:51 p.m.11 views

CVE-2026-0136

CVE-2026-0136 affects the Modem component, where a missing bounds check allows an out-of-bounds read. This can lead to remote denial of service without user interaction and with no additional execution privileges required. Public references consistently describe it as a DoS condition impacting Mo...

6.5CVSS5.7AI score0.00253EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0136

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.23 views

CVE-2026-0133

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00067EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.12 views

CVE-2026-0133

Affected component: arm-smmu-v3.c (smmu_attach_dev). The issue is a missing permission check that can allow signing malicious Android Runtime bootclass artifacts, enabling local escalation of privilege without extra execution privileges. Exploitation requires local access; user interaction is not...

7.8CVSS5.6AI score0.00067EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.20 views

CVE-2026-0129

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

0.00168EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.10 views

CVE-2026-0129

The CVE-2026-0129 entry concerns RtcpByePacket::decodeByePacket with a missing bounds check that can lead to remote information disclosure. The available sources (NVD, OSV, PT security, Android Pixel bulletin) indicate this is related to libpixelimsmedia and triggers information disclosure withou...

3.5CVSS5.7AI score0.00168EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.21 views

CVE-2026-0126

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00277EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/16 5:37 p.m.4 views

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

7.8CVSS5.3AI score0.00152EPSS
Exploits0References4
OSV
OSV
added 2026/06/16 5:34 p.m.6 views

GHSA-9C59-2MVC-VFR8 Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints

Summary Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, sessions, build artifacts, and LLM transaction logs — without verifying that the authenticated requester owns the targeted resource. Any authenticated...

8.8CVSS5.7AI score0.00291EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/16 2:45 p.m.6 views

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

7.8CVSS5.3AI score0.00152EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/16 2:34 p.m.16 views

Natural Language Toolkit (NLTK): URL-Encoded Path Traversal in nltk.data.load() Allows Arbitrary Local File Read

Summary nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments when using the nltk: URL scheme. The unsafe-path regex check is performed before url2pathname decodes the %xx sequences a classic decode-after-check / TOCTOU-style flaw, allowing ...

7.5CVSS5.5AI score0.00378EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/16 12:57 p.m.6 views

CVE-2026-53438

A flaw was found in Jenkins. A missing permission check allows an attacker, who has 'Item/Cancel' permission but lacks 'Item/Read' permission, to cancel queue items they are not authorized to view. This could lead to unauthorized disruption of queued tasks within Jenkins...

6.5CVSS5.2AI score0.00213EPSS
Exploits0References4
OSV
OSV
added 2026/06/16 12:8 p.m.5 views

ROOT-APP-NPM-CVE-2021-3803 CVE-2021-3803 in @rootio/nth-check - Patched by Root

Root has patched CVE-2021-3803 in the @rootio/nth-check package for Root:npm. Multiple fixed versions available...

7.5CVSS5.4AI score0.02014EPSS
Exploits1
OSV
OSV
added 2026/06/16 11:50 a.m.5 views

BIT-MYSQL-CLIENT-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS5.2AI score0.00229EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/16 11:8 a.m.67 views

Exploit for Improper Authentication in Checkpoint Gaia_Os

CVE-2026-50751 Scanner Multi-target detection scanner for CV...

9.3CVSS6.2AI score0.71051EPSS
Exploits5
Rows per page
Query Builder