Lucene search
+L

5171 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.13 views

CVE-2026-2263

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hustlemoduleconverted' AJAX action in all versions up to, and including, 7.8.10.2. This makes it possible for...

5.3CVSS5.5AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.11 views

CVE-2026-42591

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

8.2CVSS5.5AI score0.00245EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 5:39 p.m.7 views

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS5.9AI score0.00384EPSS
Exploits0References5
ICS
ICS
added 2026/06/04 2:10 p.m.14 views

SQLite sqldiff remote code execution via argument injection

RISK EVALUATION An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. 2. RECOMMENDED PRACTICES Fixed on 2025-12-26. 3. DESCRIPTION SQLite 'sqldiff.exe'...

9.8CVSS5.6AI score0.00384EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.32 views

PT-2026-46313

Name of the Vulnerable Software and Affected Versions SQLite sqldiff.exe versions prior to 2025-12-26 Description The sqldiff.exe utility does not securely handle the conversion of Unicode characters to ANSI codepages by the Microsoft Windows C runtime. An attacker can exploit this by using the...

9.8CVSS5.7AI score0.00384EPSS
Exploits0References10
Rosalinux
Rosalinux
added 2026/06/01 8:51 a.m.22 views

Advisory ROSA-SA-2026-3300

CVE-ID: CVE-2025-11731 BDU-ID: 2026-02739 CVE-Crit: LOW CVE-DESCRIPTION: The vulnerability in the exsltFuncResultComp function of the functions.c component in the Libxslt XML analysis library is related to data type conversion errors. Exploitation of this vulnerability may allow an attacker to...

7.5CVSS7.5AI score0.0363EPSS
Exploits5
NVD
NVD
added 2026/05/29 7:16 a.m.16 views

CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS0.00872EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/29 5:24 a.m.17 views

CVE-2026-6324 Libsoup: libsoup: http request smuggling via unsigned to signed conversion error

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References3
OSV
OSV
added 2026/05/29 12:4 a.m.50 views

OSV-2026-823 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.25 views

PT-2026-47226

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcd fmt conv 422sp to 420p ihevcd fmt conv ihevcd decode...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/05/28 3:43 p.m.11 views

RLSA-2026:18683 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekeyfromfile CVE-2025-4878 libssh: Write...

6.5CVSS6.3AI score0.00582EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.14 views

SUSE CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/28 3:22 a.m.14 views

CVE-2026-45881

A flaw was found in the MediaTek SVS System Voltage Scaling driver within the Linux kernel. A memory leak occurs in the svsenabledebugwrite function when a buffer, allocated during a debug write operation, is not properly freed if an integer conversion fails. This vulnerability could allow a loca...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.13 views

CVE-2026-24192

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, da...

7.8CVSS6.1AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46013

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

5.5CVSS0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.45 views

CVE-2026-46013 mm/memfd_luo: fix physical address conversion in put_folios cleanup

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

0.00107EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.17 views

CVE-2026-46013

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

5.5CVSS6.1AI score0.00107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43880

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the put folios cleanup path of the memfd luo retrieve folios function. The kho restore folio function...

5.5CVSS5.9AI score0.00107EPSS
Exploits0
OSV
OSV
added 2026/05/26 7:31 p.m.23 views

JLSEC-2026-542

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability...

5.5CVSS6.6AI score0.01443EPSS
Exploits0References7
Rows per page
Query Builder