Lucene search
K

8458 matches found

Microsoft CVE
Microsoft CVE
added 2026/05/28 8:2 a.m.6 views

bpf: fix end-of-list detection in cgroup_storage_get_next_key()

...

5.5CVSS5.4AI score0.00114EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.13 views

SUSE CVE-2026-46080

In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2dioendiowrite ocfs2markextentwritten ocfs2changeextentflag ocfs2splitexte...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.13 views

Autopsy 4.23.1

Autopsy is the premier end-to-end open source digital forensics platform. Built by Sleuth Kit Labs with the core features you expect in commercial forensic tools, Autopsy is a fast, thorough, and efficient hard drive investigation solution that evolves with your needs...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/27 11:16 p.m.22 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:56 p.m.26 views

CVE-2026-46538

CVE-2026-46538 affects Microsoft UFO open-source framework; in version 3.0.1-4-ge2626659, the constellation client tracks pending task responses by session_id and does not bind completion to the originating device. An authenticated peer can forge a TASK_END with the same session_id to inject atta...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 9:56 p.m.40 views

CVE-2026-46538 Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:56 p.m.10 views

EUVD-2026-32677

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:56 p.m.11 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS5.8AI score0.00225EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 8:46 p.m.8 views

GHSA-XX3C-QF5G-HC39 Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address

Description Symfony Mailer selects a transport via the MAILERDSN environment variable / configuration e.g. smtp://..., sendmail://..., native://default. SendmailTransport invokes the local sendmail binary and supports two modes: -bs speak SMTP over stdin: the default and -t read the message on...

8.6CVSS5.8AI score0.00062EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/27 8:46 p.m.11 views

Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address

Description Symfony Mailer selects a transport via the MAILERDSN environment variable / configuration e.g. smtp://..., sendmail://..., native://default. SendmailTransport invokes the local sendmail binary and supports two modes: -bs speak SMTP over stdin: the default and -t read the message on...

5.8AI score0.00062EPSS
Exploits0References6Affected Software2
EUVD
EUVD
added 2026/05/27 3:33 p.m.9 views

EUVD-2026-32258

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

5.8AI score0.00128EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32277

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32276

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32278

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...

9.3CVSS5.8AI score0.00662EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:17 p.m.9 views

CVE-2026-45974

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45934

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in btrfscreatependingblockgroups. The following is a sample stack trace of such an abo...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-45974

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:16 p.m.9 views

CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

5.5CVSS0.00155EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:16 p.m.9 views

CVE-2026-35087

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

9.3CVSS0.00662EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 p.m.10 views

CVE-2026-35089

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

8.7CVSS0.00589EPSS
Exploits0References1
Rows per page
Query Builder