Lucene search
K

2065 matches found

CVE
CVE
added 14 hours ago9 views

CVE-2026-15515

The CVE-2026-15515 entry concerns Tencent PC Manager (version 18.1.30242.301) and its QMUDisk Driver component, specifically the qmudisk64.sys library. The vulnerability is described as an uncontrolled search path issue in the QMUDisk Driver, exploitable only via a local attack. The description n...

7.3CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added 14 hours ago4 views

EUVD-2026-43256

A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is...

7.3CVSS6.3AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 5 days ago3 views

kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF

A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...

7.8CVSS6.3AI score0.00125EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56417

Name of the Vulnerable Software and Affected Versions bentoml OpenLLM version 0.6.30 Description Command injection is possible within the Model Repository Directory Name Handler component. This occurs when the cmd argument is manipulated in the async run command function located in the...

7.8CVSS6.2AI score0.01338EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of t...

7.8CVSS6.1AI score0.00153EPSS
Exploits1References2
NVD
NVD
added 2026/07/06 12:16 p.m.9 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/06 11:15 a.m.35 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 1:30 a.m.9 views

CVE-2026-14787

Radare2 (radare2) up to version 6.1.6 is affected. The issue is a vulnerability in the cmd_print function (libr/core/cmd_print.inc) of the PB Print Command Handler that allows an integer overflow when triggered by local input. An attacker with local access could exploit this; public PoC/exploit m...

7.8CVSS5.5AI score0.00136EPSS
Exploits1References7Affected Software1
EUVD
EUVD
added 2026/07/05 3:45 p.m.8 views

EUVD-2026-41771

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...

4.8CVSS5.2AI score0.00131EPSS
Exploits1References7
NVD
NVD
added 2026/07/05 3:16 p.m.11 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS0.00142EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/05 3:15 a.m.8 views

EUVD-2026-41724

A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/04 11:0 p.m.9 views

CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS5.4AI score0.00118EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/03 8:45 p.m.7 views

EUVD-2026-41601

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS6.2AI score0.00128EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/29 2:0 p.m.34 views

CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS0.00124EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/29 2:0 p.m.9 views

CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS6AI score0.00124EPSS
Exploits0References7
CVE
CVE
added 2026/06/29 2:0 p.m.17 views

CVE-2026-13573

CVE-2026-13573 affects the LLVM project (up to 22.1.6), specifically the ValueSymbolTable module’s file lib/IR/ValueSymbolTable.cpp and its function StringMap::insert. The issue is a stack-based buffer overflow introduced in that function, enabling a local attacker to exploit it. The exploit has ...

4.8CVSS6AI score0.00124EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 3:16 p.m.12 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS0.00091EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/26 8:49 a.m.6 views

CVE-2026-53193

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. This vulnerability occurs when a timer object is freed while timer instances are still associated with it, particularly when userspace-driven timers are involved. A local user can exploit this by...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Uncontrolled Recursion (CVE-2025-8732)

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS5.2AI score0.00202EPSS
Exploits1References3
CVE
CVE
added 2026/06/17 7:2 a.m.16 views

CVE-2026-28575

CVE-2026-28575 affects the Android framework in PackageInstaller.Session.transfer (frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java). The issue is described as a logic error causing memory exhaustion that can lead to a local denial of service without requiring...

10CVSS5.6AI score0.00125EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder