Lucene search
K

24 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14126

Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.0019EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:6 p.m.6 views

CVE-2026-52795

Gogs is an open source self-hosted Git service. In 0.14.3 and earlier, any authenticated user can watch a private repository they have no access to, because the access check in the Watch API handler is inverted. The code checks if repoCtx.ViewerCanRead returns 404 when the user CAN read instead o...

4.3CVSS5.9AI score0.00168EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/16 12:21 a.m.13 views

Chromium: CVE-2026-8561 Incorrect security UI in Fullscreen

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS5.8AI score0.00184EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the serial CAIF component not properly holding the tty-link reference during operations like...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/06 7:16 p.m.9 views

CVE-2026-7991

Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00223EPSS
Exploits0References1
Amazon
Amazon
added 2026/04/30 12:0 a.m.19 views

Important: docker

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.8AI score0.08123EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007420 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'immtq'...

5.8AI score0.00171EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2026/01/28 12:0 a.m.53 views

kernel security update

3.10.0-1160.119.1.0.15 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 Orabug: 38742878 - Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput Orabug: 38742878 - Bluetooth: L2CAP: Fix user-after-free CVE-2022-50386 Orabug: 38742878 - wifi: brcmfmac: fix use-after-free...

8.8CVSS7.6AI score0.03558EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001612 advisory. The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service...

7.8CVSS6.6AI score0.00395EPSS
Exploits0References11
OSV
OSV
added 2025/11/24 2:4 p.m.2 views

SUSE-SU-2025:4201-1 Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.44 fixes various security issues The following security issues were fixed: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. - CVE-2025-38616: tls: handle data disappearing fro...

7.8CVSS9.2AI score0.00178EPSS
Exploits0References5
NVD
NVD
added 2025/10/27 8:15 a.m.8 views

CVE-2025-12246

A security flaw has been discovered in chatwoot up to 4.7.0. This issue affects some unknown processing of the file app/javascript/shared/components/IframeLoader.vue of the component Admin Interface. The manipulation of the argument Link results in cross site scripting. The attack can be executed...

6.1CVSS0.00367EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-29034

Malicious code in bioql PyPI...

2.1CVSS6.3AI score0.00169EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/17 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-39836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-52493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop chan lock before queuing buffers Ensure read and write locks for the...

5.5CVSS6.1AI score0.00209EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-39394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's C API implementation where the definition of the...

9.8CVSS8.2AI score0.00315EPSS
Exploits0References2
OSV
OSV
added 2025/07/03 9:15 a.m.3 views

UBUNTU-CVE-2025-38113

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0's iteration via foreachpossiblecpu dereferences these NULL pointers, causing...

5.5CVSS6AI score0.00157EPSS
Exploits0References31
CVE
CVE
added 2025/02/26 2:1 a.m.125 views

CVE-2022-49298

CVE-2022-49298 : Linux kernel staging rtl8712 driver fix for uninitialized mac[6] in r871xu_drv_init() after tmpU1b from r8712_read8(padapter, EE_9346CR) == 0. KMSAN reported uninit-value in that function and call chain (usb_intf.c:541; usb_probe_interface; device probing). Concrete details are p...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/11 12:0 a.m.6 views

PT-2024-28723

Name of the Vulnerable Software and Affected Versions Red-DiscordBot versions prior to 3.5.10 Description A bug in Red's Core API may authorize a user to run a command even when that user doesn't have permissions to manage a channel. This issue affects 3rd-party cogs using the @commands.can manag...

6.9CVSS6AI score0.0041EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/10/31 2:48 a.m.3 views

SUSE CVE-2015-5190

The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via "escape characters" in a URL...

8.5CVSS7.5AI score0.02544EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.4 views

The vulnerability of the gdi_multi_opaque_rect() function in the RDP client of FreeRDP, which allows a intruder to cause a service failure.

The vulnerability of the gdimultiopaquerect function in the RDP client FreeRDP is related to the operation of writing data beyond the buffer boundaries when processing the multiopaquerect-numRectangles parameter. Exploiting this vulnerability can allow a remote attacker to cause service failure...

5.3CVSS7.1AI score0.01529EPSS
Exploits1References12Affected Software3
Rows per page
Query Builder