Lucene search
K

219900 matches found

EUVD
EUVD
added 2026/05/01 2:14 p.m.12 views

EUVD-2026-26533

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

5.8AI score0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 2:14 p.m.13 views

CVE-2026-31720

CVE-2026-31720 : In the Linux kernel, the USB gadget path f_uac1_legacy incorrectly handles control request length. Specifically, f_audio_complete() copies req->length bytes into a 4-byte stack variable (data) via memcpy, with req->length derived from host-controlled USB requests. This can ...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.5 views

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:56 p.m.3 views

CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

8.3CVSS5.7AI score0.00315EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/01 1:56 p.m.7 views

EUVD-2026-26521

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

5.7AI score0.00315EPSS
Exploits0References4
CVE
CVE
added 2026/05/01 1:56 p.m.39 views

CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References19Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 1:56 p.m.5 views

CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

8.8CVSS5.8AI score0.00259EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 1:56 p.m.9 views

CVE-2026-31706

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

8.8CVSS5.9AI score0.00369EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/01 1:56 p.m.31 views

CVE-2026-31704 ksmbd: use check_add_overflow() to prevent u16 DACL size overflow

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...

0.00117EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/01 10:25 a.m.8 views

Malicious code in apple-internal-security-library-v99 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f44267d5128f9ac2c62938b60bfa45264207a0010c41c97082c72246a3a7a248 The package apple-internal-security-library-v99 was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/01 3:25 a.m.74 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 Auto Exploit !Pythonhttps://img.shields.io/...

9.8CVSS5.5AI score0.981EPSS
Exploits64
OSV
OSV
added 2026/05/01 12:29 a.m.5 views

MAL-2026-3208 Malicious code in bxiucnxcb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 136aa3924314879404ede1d7153b71b042b3fa55468f0aa1c534e6a18b79e37c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/01 12:29 a.m.8 views

Malicious code in bxiucnxcb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 136aa3924314879404ede1d7153b71b042b3fa55468f0aa1c534e6a18b79e37c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
NVD
NVD
added 2026/05/01 12:16 a.m.7 views

CVE-2026-7513

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

9CVSS0.00472EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from targetcorefile not initializing the kiwritestream field of aiocmd-iocb, which could result in a write comman...

7.5CVSS5.8AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Prosody 安全漏洞

Prosody is an instant messaging server software from Prosody open source. A security vulnerability exists in Prosody versions prior to 0.12.6 and versions prior to 13.0.5 in versions 1.0.0 through 13.0.0, which stems from improper handling of access control in an activation scenario with...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.5 views

PT-2026-36355

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack out-of-bounds write exists in the f audio complete function. The issue occurs because the function copies req-length bytes into a 4-byte stack variable using memcpy. Since...

7.8CVSS5.5AI score0.00129EPSS
Exploits0References18
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Automotive Grade Linux app-framework-binder 访问控制错误漏洞

Automotive Grade Linux app-framework-binder is an application framework communication component from Automotive Grade Linux, Inc. An Access Control Error vulnerability exists in Automotive Grade Linux app-framework-binder version 19.90.0 and earlier, which stems from a lack of authentication on...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.7 views

CVE-2025-52347

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call...

5.8AI score0.00109EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2025-209609

An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers to access kernel memory and escalate privileges via a crafted IOCTL 0x8011E044 call...

7.8CVSS5.8AI score0.00109EPSS
Exploits0References4
Rows per page
Query Builder