Lucene search
K

22179 matches found

Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.8 views

PT-2026-5128

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimer try to cancel in perf swevent cancel hrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the eve...

5.8AI score0.00116EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.5 views

RethinkDB code injection vulnerability

RethinkDB is an open-source database developed by RethinkDB. Versions of rethinkdb 2.4.3 and earlier had a code injection vulnerability. This vulnerability stemmed from improper handling of the Secondary Index Handler component, which could lead to cross-site scripting attacks...

4.8CVSS5.7AI score0.00218EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.3 views

PT-2026-5158

Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability in the library creation file selection process that allows remote code execution. Attackers can craft a malicious text file with shellcode to trigger a structured exception handler SEH overwrite and execute arbitrary commands ...

9.8CVSS6.5AI score0.00512EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.14 views

Open5GS security vulnerabilities

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the function...

7.5CVSS6AI score0.00511EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/01/28 12:0 a.m.11 views

PT-2026-5157

docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler SEH overwrite to execute shellcode and gain remo...

8.4CVSS6.4AI score0.00149EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/27 9:24 a.m.9 views

CVE-2026-1424

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

7.2CVSS5.5AI score0.0043EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 a.m.20 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

7.2CVSS5.6AI score0.15138EPSS
Exploits1References1
OSV
OSV
added 2026/01/27 9:15 a.m.2 views

UBUNTU-CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

7.5CVSS6AI score0.00618EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.6 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005127)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005127 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venusremove due to race condition in venusprobe, core-wo...

7CVSS6.7AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/26 3:10 p.m.13 views

CVE-2026-1406

A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of the component Host Header Handler. This manipulation of the argument Hostname causes open redirec...

5.1CVSS5.5AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/26 3:10 p.m.10 views

CVE-2026-24469

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's...

7.5CVSS6AI score0.00589EPSS
Exploits0References1
NVD
NVD
added 2026/01/26 7:16 a.m.7 views

CVE-2026-1424

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

7.2CVSS0.0043EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/26 7:2 a.m.31 views

CVE-2026-1424 PHPGurukul News Portal Profile Pic unrestricted upload

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

5.8CVSS0.0043EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/26 7:2 a.m.4 views

CVE-2026-1424 PHPGurukul News Portal Profile Pic unrestricted upload

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

5.8CVSS5.5AI score0.0043EPSS
Exploits1References5
CVE
CVE
added 2026/01/26 7:2 a.m.18 views

CVE-2026-1424

CVE-2026-1424 affects PHPGurukul News Portal 1.0, specifically the Profile Pic Handler component. The issue enables unrestricted file upload and can be triggered remotely; multiple sources report a publicly available exploit. The connected documents do not specify exact vulnerable versions, scope...

7.2CVSS5AI score0.0043EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/01/26 7:2 a.m.8 views

EUVD-2026-4705

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

7.2CVSS5.5AI score0.0043EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/26 7:2 a.m.7 views

CVE-2026-1424

A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an unknown part of the component Profile Pic Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

7.2CVSS5.5AI score0.0043EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/26 4:32 a.m.4 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15138EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/01/26 4:32 a.m.8 views

EUVD-2026-4699

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15138EPSS
Exploits1References5
CVE
CVE
added 2026/01/26 4:32 a.m.19 views

CVE-2026-1419

CVE-2026-1419 affects D-Link DCS700l 1.03.09. The issue is a command-injection in the Web Form Handler’s setDayNightMode, triggered by manipulating LightSensorControl. It can be exploited remotely and exploit code is publicly available. Affected component, root cause, and impact are described; no...

7.2CVSS5.4AI score0.15138EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder