
38614 matches found

Redos
added 2026/04/03 12:00 a.m. | 6 views

ROS-20260403-73-0010

A vulnerability in the proc component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.00153
Exploits: 0

Redos
added 2026/04/03 12:00 a.m. | 3 views

ROS-20260403-73-0021

A vulnerability in the venus component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVSS: 7.1 | AI score: 7.1 | EPSS: 0.00149
Exploits: 0

Redos
added 2026/04/03 12:00 a.m. | 5 views

ROS-20260403-73-0023

A vulnerability in the mm/ptdump component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVSS: 4.7 | AI score: 5.9 | EPSS: 0.00114
Exploits: 0

Redos
added 2026/04/03 12:00 a.m. | 7 views

ROS-20260403-73-0026

A vulnerability in the fbdev component of the Linux operating system kernel is related to writing outside of buffer boundaries. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.00162
Exploits: 0

Redos
added 2026/04/03 12:00 a.m. | 5 views

ROS-20260403-73-0029

A vulnerability in the media component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00159
Exploits: 0

RedhatCVE
added 2026/04/02 9:43 p.m. | 5 views

CVE-2026-23417

A flaw was found in the Linux kernel's Berkeley Packet Filter (BPF) component. This vulnerability occurs because the BPF_ST | BPF_PROBE_MEM32 immediate stores are not correctly handled by the constant blinding mechanism. As a result, user-controlled 32-bit immediate values can remain unblinded in...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.00116
Exploits: 0 | References: 4

NVD
added 2026/04/02 8:16 p.m. | 3 views

CVE-2026-5420

A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.200. The affected element is an unknown function of the file jRwTX.java of the component cats.goods.sort.sorting.games. Performing a manipulation of the argument AES_IV/AES_PASSWORD results in use of hard-coded...

CVSS: 2.5 | EPSS: 0.00099
Exploits: 0 | References: 4

NVD
added 2026/04/02 7:21 p.m. | 12 views

CVE-2026-5418

A vulnerability was identified in appsmithorg appsmith up to 1.97. Impacted is the function computeDisallowedHosts of the file app/server/appsmith-interfaces/src/main/java/com/appsmith/util/WebClientUtils.java of the component Dashboard. Such manipulation leads to server-side request forgery. The...

CVSS: 7.5 | EPSS: 0.00303
Exploits: 0 | References: 5

CVE
added 2026/04/02 7:00 p.m. | 9 views

CVE-2026-5420

CVE-2026-5420 affects Shinrays Games Goods Triple App (up to 1.200), specifically the component cats.goods.sort.sorting.games and the file jRwTX.java. The issue arises from manipulating AES_IV/AES_PASSWORD, resulting in the use of a hard-coded cryptographic key. Local attack is required with high...

CVSS: 2.5 | AI score: 5 | EPSS: 0.00099
Exploits: 0 | References: 4

ATTACKERKB
added 2026/04/02 7:00 p.m. | 2 views

CVE-2026-5420

A security flaw has been discovered in Shinrays Games Goods Triple App up to 1.200. The affected element is an unknown function of the file jRwTX.java of the component cats.goods.sort.sorting.games. Performing a manipulation of the argument AES_IV/AES_PASSWORD results in use of hard-coded...

CVSS: 2.5 | AI score: 5 | EPSS: 0.00099
Exploits: 0 | References: 4 | Affected Software: 1

RedhatCVE
added 2026/04/02 4:56 p.m. | 5 views

CVE-2026-25601

A vulnerability was identified in MEPIS RM, an industrial software product developed by Metronik. The application contained a hardcoded cryptographic key within the Mx.Web.ComponentModel.dll component. When the option to store domain passwords was enabled, this key was used to encrypt user...

CVSS: 6.7 | AI score: 5.9 | EPSS: 0.0016
Exploits: 0 | References: 1

OSV
added 2026/04/02 4:48 p.m. | 12 views

MGASA-2026-0080 Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

CVSS: 10 | AI score: 7.1 | EPSS: 0.01279
Exploits: 1 | References: 5

Mageia
added 2026/04/02 4:48 p.m. | 9 views

Updated nss & firefox packages fix security vulnerabilities

Denial-of-service in the XML component. CVE-2025-59375 Race condition, use-after-free in the Graphics: WebRender component. CVE-2026-4684 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4685 Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-46...

CVSS: 10 | AI score: 6.5 | EPSS: 0.01279
Exploits: 1 | References: 4

OSV
added 2026/04/02 4:44 p.m. | 5 views

CLSA-2026-1775148284 binutils: Fix of 3 CVEs

CVE-2025-66862: fix heap-buffer-overflow in gnu_special in cplus-dem.c - CVE-2025-66863: fix SEGV in d_discriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in d_print_comp in cp-demangle.c...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00323
Exploits: 3 | References: 1

Vulnrichment
added 2026/04/02 1:15 p.m. | 2 views

CVE-2026-5332 Xiaopi Panel WAF Firewall demo.php cross site scripting

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

CVSS: 5.1 | AI score: 4.6 | EPSS: 0.00194
Exploits: 0 | References: 4

RedHat Linux
added 2026/04/02 10:59 a.m. | 6 views

mysql: mariadb: High Privilege Denial of Service Vulnerability in MySQL Server (CPU Jan 2025)

A flaw was found in the MySQL Server component: InnoDB. This vulnerability allows a high-privileged attacker to cause a denial of service, which causes frequent crashes or hangs, via multiple network protocols...

CVSS: 4.9 | AI score: 6.7 | EPSS: 0.01236
Exploits: 0 | References: 5

RedhatCVE
added 2026/04/02 10:53 a.m. | 3 views

CVE-2026-21631

Lack of output escaping leads to a XSS vector in the multilingual associations component...

CVSS: 8.4 | AI score: 5.9 | EPSS: 0.00216
Exploits: 1 | References: 1

RedhatCVE
added 2026/04/02 10:53 a.m. | 4 views

CVE-2026-21629

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS: 7.3 | AI score: 5.8 | EPSS: 0.00249
Exploits: 0 | References: 1

SUSE CVE
added 2026/04/02 8:42 a.m. | 4 views

SUSE CVE-2026-5286

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 6.2 | EPSS: 0.00313
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/02 12:00 a.m. | 5 views

PT-2026-29837

A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is described as difficult. The...

CVSS: 6.3 | AI score: 5.2 | EPSS: 0.00427
Exploits: 0 | References: 9