Lucene search
K

6140 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.5 views

CVE-2026-32264

Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, there is a Behavior injection RCE vulnerability in ElementIndexesController and FieldsController. Craft control panel administrator permissions and...

8.6CVSS5.7AI score0.00515EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 11:16 a.m.3 views

UBUNTU-CVE-2026-23396

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in meshmatcheslocal meshmatcheslocal unconditionally dereferences ie-meshconfig to compare mesh configuration parameters. When called from meshrxcsaframe, the parsed action-frame elements may not...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28361

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Prior to version 2026.02.0, the ISO15118 chargerImpl::handle update energy transfer modes function copies a variable-length list into a fixed-size array ...

6.9CVSS5.9AI score0.00197EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15611

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.2...

5.9AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.2 views

CVE-2026-25007

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Blind SQL Injection.This issue affects ElementInvader Addons for Elementor: from n/a through = 1.4.2...

8.5CVSS0.00253EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/25 4:57 p.m.11 views

SUSE CVE-2026-23279

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a prior NULL check: ifmsh-chswttl = elems-meshchanswparamsie-meshttl;...

6.5CVSS5.8AI score0.00136EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2026/03/25 4:56 p.m.6 views

SUSE CVE-2026-23333

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00024EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/25 12:30 p.m.5 views

EUVD-2026-15293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: validate open interval overlap Upstream commit 648946966a08e4cb1a71619e3d1b12bd7642de7b Open intervals do not have an end element, in particular an open interval at the end of the set is hard to validate...

5.7AI score0.00024EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23333

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00024EPSS
Exploits0
OSV
OSV
added 2026/03/25 11:16 a.m.2 views

UBUNTU-CVE-2026-23333

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00024EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.6 views

CVE-2026-23333

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00024EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.18 views

CVE-2026-23333

...

0.00024EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23333

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: validate open interval overlap Upstream commit 648946966a08e4cb1a71619e3d1b12bd7642de7b Open intervals do not have an end element, in particular an open interval at the end of the set is hard to validate...

5.7AI score0.00024EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/25 10:27 a.m.11 views

CVE-2026-23333

CVE-2026-23333 affects the Linux kernel netfilter nft_set_rbtree interval validation for open intervals. The issue concerned validation of open-ended intervals in a set; a new field (flag) in struct nft_set_elem was added to mark the last element in an add/delete command, enabling detection of pa...

5.8AI score0.00024EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:27 a.m.8 views

CVE-2026-23333 netfilter: nft_set_rbtree: validate open interval overlap

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: validate open interval overlap Upstream commit 648946966a08e4cb1a71619e3d1b12bd7642de7b Open intervals do not have an end element, in particular an open interval at the end of the set is hard to validate...

5.8AI score0.00024EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Craft CMS 5.9.x < 5.9.11 Stored XSS (GHSA-3x4w-mxpf-fhqq)

The version of Craft CMS installed on the remote host is 5.9.x prior to 5.9.11. It is, therefore, affected by a cross-site scripting vulnerability: - The revision/draft context menu in the element editor renders the creator's fullName as raw HTML due to the use of Template::raw combined with...

5.4CVSS5.7AI score0.00243EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-23279

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: fix NULL pointer dereference in meshrxcsaframe In meshrxcsaframe, elems-meshchanswparamsie is dereferenced at lines 1638 and 1642 without a pri...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/24 5:22 p.m.3 views

CVE-2026-33157

Craft CMS is a content management system CMS. From version 5.6.0 to before version 5.9.13, a Remote Code Execution RCE vulnerability exists in Craft CMS, it can be exploited by any authenticated user with control panel access. This is a bypass of a previous fix. The existing patches add...

8.6CVSS5.8AI score0.0102EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/24 5:22 p.m.19 views

CVE-2026-33157 Craft CMS: Potential authenticated Remote Code Execution via malicious attached Behavior

Craft CMS is a content management system CMS. From version 5.6.0 to before version 5.9.13, a Remote Code Execution RCE vulnerability exists in Craft CMS, it can be exploited by any authenticated user with control panel access. This is a bypass of a previous fix. The existing patches add...

8.6CVSS0.0102EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/24 4:50 p.m.9 views

Craft CMS is Vulnerable to Authenticated Remote Code Execution via Malicious Attached Behavior

Summary A Remote Code Execution RCE vulnerability exists in Craft CMS 5.x and 4.x that bypasses the security fixes for GHSA-7jx7-3846-m7w7 and GHSA-255j-qw47-wjh5. This vulnerability can be exploited by any authenticated user with control panel access. The existing patches add cleanseConfig to...

8.6CVSS5.9AI score0.0102EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder