
219841 matches found

CNNVD
added 2026/05/04 12:0 a.m. | 9 views

Rdiffweb Access Control Error Vulnerability

Rdiffweb is a web application personally developed by Patrik Dufresne from the United States. It allows for quick access to your files through an efficient web interface. Versions of Rdiffweb prior to 2.10.5 contained a security vulnerability related to access control. This vulnerability stemmed...

8.1 CVSS | 5.8 AI score | 0.00245 EPSS
Exploits: 0 | References: 2
CNNVD
added 2026/05/04 12:0 a.m. | 7 views

Code-Projects BloodBank Managing System Access Control Error Vulnerability

The Code-Projects BloodBank Managing System is an open-source blood bank management system developed by Code-Projects. Version 1.0 of the code-projects BloodBank Managing System contains a vulnerability related to access control. This vulnerability stems from an unlimited upload function in the...

6.5 CVSS | 6.7 AI score | 0.00206 EPSS
Exploits: 0 | References: 2
CNNVD
added 2026/05/04 12:0 a.m. | 8 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a series of chipsets developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities stem from the lack of verification of buffer size when processing IOCTL handler callbacks, which may lead to...

6.1 CVSS | 5.9 AI score | 0.00074 EPSS
Exploits: 0 | References: 1
CNNVD
added 2026/05/04 12:0 a.m. | 8 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a series of chipsets developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from processing IOCTL commands when the device is in power-saving mode, resulting in memory corruption...

7.8 CVSS | 5.8 AI score | 0.00071 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/04 12:0 a.m. | 11 views

PT-2026-36884

Name of the Vulnerable Software and Affected Versions: titra version 0.99.52. Description: The globalsettings Meteor publication returns all global settings without performing administrative or role-based access checks. This allows any authenticated user to subscribe via DDP Distributed Data Protoco...

6.5 CVSS | 5.8 AI score | 0.00219 EPSS
Exploits: 0 | References: 4
OSV
added 2026/05/04 12:0 a.m. | 14 views

ALSA-2026:13565 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state (CVE-2026-23136); kernel: Linux kernel: Use-after-free in traffic control act_ct may lead to denial of...

9.8 CVSS | 6.1 AI score | 0.96775 EPSS
Exploits: 228 | References: 10
AlmaLinux
added 2026/05/04 12:0 a.m. | 26 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state (CVE-2026-23136); kernel: Linux kernel: Use-after-free in traffic control act_ct may lead to denial of...

9.8 CVSS | 5.9 AI score | 0.96775 EPSS
Exploits: 228 | References: 10
OSV
added 2026/05/04 12:0 a.m. | 16 views

ALSA-2026:13566 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in traffic control act_ct may lead to denial of service or privilege escalation (CVE-2026-23270); kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8 CVSS | 6.1 AI score | 0.96775 EPSS
Exploits: 228 | References: 10
AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux - vulnerability in linux

A locking issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. The file drivers/tty/tty_jobctrl.c allows for a use-after-free attack against TIOCSPGRP, also known as CID-54ffccbf053b...

7.8 CVSS | 6.7 AI score | 0.01129 EPSS
Exploits: 2 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in linux

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. Files drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack on TIOCGSID, also known as CID-c8bcd9c5be24...

4.4 CVSS | 6.7 AI score | 0.00468 EPSS
Exploits: 1 | References: 1
EUVD
added 2026/05/03 11:55 p.m. | 6 views

EUVD-2026-26850

Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to crash the server via out-of-memory (OOM) by sending crafted messages through the normal client communication channel...

4.9 CVSS | 5.8 AI score | 0.00344 EPSS
Exploits: 0 | References: 1
GithubExploit
added 2026/05/03 9:47 p.m. | 98 views

Exploit for CVE-2026-40776

CVE-2026-40776 — Eventin wp-event-solution Broken Access Con...

5.8 AI score | 0.00414 EPSS
Exploits: 2
OSV
added 2026/05/03 8:58 p.m. | 7 views

MAL-2026-3251 Malicious code in puan31 (PyPI)

Source: kam193 (27d04731b8fc3968b624ec2435d48b09d1afffb46fefb44745c2c8ff31bf4855). During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

6 AI score
Exploits: 0 | References: 1
Veracode
added 2026/05/03 4:46 p.m. | 11 views

Improper Access Control

Caddy is vulnerable to Improper Access Control. The vulnerability is due to incorrect case-insensitive matching in the HTTP path request matcher when percent-encoded sequences are present, allowing attackers to alter request path casing and bypass path-based routing or attached access controls...

9.1 CVSS | 5.8 AI score | 0.0037 EPSS
Exploits: 1 | References: 4 | Affected Software: 2
OSV
added 2026/05/03 1:49 p.m. | 7 views

MAL-2026-3248 Malicious code in pwn-control (PyPI)

Source: kam193 (719b4c85917a0a8bc84e7591598b0d17098dd32c8f29b5c09eb25fe1d3e079c3). During installation, the code runs code to silently control the device via Telegram bot (execute commands, exfiltrate files). Category: MALICIOUS - The...

6 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2026/05/03 12:32 p.m. | 14 views

Malicious code in win-update-helper-tool-v2 (PyPI)

Source: kam193 (251972769752a77d15c86627fe078560c49ce79a47bcc4542128386eb5362342). If run as a module, the code runs code to silently control the device via Telegram bot (execute commands, exfiltrate files). Category: MALICIOUS - The campai...

6 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2026/05/03 12:20 p.m. | 9 views

Malicious code in puan4 (PyPI)

Source: kam193 (6be2e7028440f68ad3621664d195d72288e6a1d8658f16a421f3ec52d63d6f7a). During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like sensitive files and browsers' dat...

6 AI score
Exploits: 0 | References: 1
OSV
added 2026/05/03 12:20 p.m. | 5 views

MAL-2026-3244 Malicious code in puan4 (PyPI)

Source: kam193 (6be2e7028440f68ad3621664d195d72288e6a1d8658f16a421f3ec52d63d6f7a). During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like sensitive files and browsers' dat...

6 AI score
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2026/05/03 12:16 p.m. | 15 views

Malicious code in puan3 (PyPI)

Source: kam193 (531ab02814e67f81e5c82fb57b72d59c3972d0975932f6e9d00ea680040e9a13). During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

6 AI score
Exploits: 0 | References: 1
OSV
added 2026/05/03 12:16 p.m. | 7 views

MAL-2026-3243 Malicious code in puan3 (PyPI)

Source: kam193 (531ab02814e67f81e5c82fb57b72d59c3972d0975932f6e9d00ea680040e9a13). During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

6 AI score
Exploits: 0 | References: 1