Lucene search
K

22189 matches found

UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.5 views

CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

5.8AI score0.00171EPSS
Exploits0References24
CVE
CVE
added 2026/01/14 3:7 p.m.17 views

CVE-2025-71140

CVE-2025-71140 : In the Linux kernel, the media: mediatek: vcodec context lists were previously protected by a mutex, but the IPI handler for MT8173 runs in hard IRQ context, which could trigger a NULL pointer dereference due to unexpected changes in the context lists. The fix switches the protec...

6.2AI score0.00171EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/14 3:7 p.m.26 views

CVE-2025-71140 media: mediatek: vcodec: Use spinlock for context list protection lock

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

0.00171EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:7 p.m.5 views

CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

5.3AI score0.00171EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/01/14 3:7 p.m.4 views

CVE-2025-71140 media: mediatek: vcodec: Use spinlock for context list protection lock

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

5.3AI score0.00171EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/01/14 3:7 p.m.4 views

CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

5.2AI score0.00171EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/14 9:53 a.m.5 views

kernel: can: j1939: implement NETDEV_UNREGISTER notification handler

A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References5
NVD
NVD
added 2026/01/14 6:15 a.m.7 views

CVE-2025-14615

The DASHBOARD BUILDER – WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7. This is due to missing nonce validation on the settings handler in dashboardbuilder-admin.php. This makes it possible for...

7.1CVSS0.00132EPSS
Exploits0References5
CVE
CVE
added 2026/01/14 5:28 a.m.23 views

CVE-2025-14615

CVE-2025-14615 affects the DASHBOARD BUILDER – WordPress plugin for Charts and Graphs (versions ≤ 1.5.7). Wordfence and other sources confirm a CSRF flaw due to missing nonce validation in dashboardbuilder-admin.php, enabling unauthenticated attackers to forge requests that alter the stored SQL q...

7.1CVSS6AI score0.00132EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/14 5:28 a.m.30 views

CVE-2025-14615 DASHBOARD BUILDER <= 1.5.7 - Cross-Site Request Forgery to SQL Injection

The DASHBOARD BUILDER – WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7. This is due to missing nonce validation on the settings handler in dashboardbuilder-admin.php. This makes it possible for...

7.1CVSS0.00132EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.6 views

CVE-2026-0513

Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site.This causes low impact on integrity of the application...

4.7CVSS6.8AI score0.00171EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

WordPress plugin DASHBOARD BUILDER – WordPress plugin for Charts and Graphs 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

7.1CVSS6.5AI score0.00132EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

WordPress plugin PDF Resume Parser 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has a PHP and MySQL based on the server set up a personal blog site features. WordPress plugin is an application plug-ins. WordPress plugin...

5.3CVSS6.2AI score0.00323EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.7 views

PT-2026-2816

Name of the Vulnerable Software and Affected Versions DASHBOARD BUILDER – WordPress plugin for Charts and Graphs versions prior to 1.5.8 Description The software is susceptible to a Cross-Site Request Forgery CSRF issue. This is caused by a lack of nonce validation within the settings handler in...

7.1CVSS7.3AI score0.00132EPSS
Exploits0References10
OSV
OSV
added 2026/01/13 11:16 p.m.2 views

CVE-2023-54330

Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to...

9.3CVSS6.6AI score0.00679EPSS
Exploits1References4
OSV
OSV
added 2026/01/13 11:16 p.m.5 views

CVE-2023-54334

Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler SEH records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially...

7CVSS6.3AI score0.00499EPSS
Exploits1References3
NVD
NVD
added 2026/01/13 11:16 p.m.6 views

CVE-2023-54334

Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler SEH records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially...

9.8CVSS0.00499EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.3 views

CVE-2025-13934

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course enrollment in all versions up to, and including, 3.9.3. This is due to a missing capability check and purchasability validation in the courseenrollment AJAX handler. This makes it possib...

4.3CVSS5.2AI score0.00202EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68798

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...

5.9AI score0.00168EPSS
Exploits0References26
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in python-tornado

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the provided “reason” phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML on the default error page where it could be used for XSS attacks. This...

6.1CVSS5.8AI score0.00185EPSS
Exploits0References2
Rows per page
Query Builder