Lucene search
K

147060 matches found

RedHat Linux
RedHat Linux
added 2 days ago4 views

kernel: RDMA/rxe: Fix double free in rxe_srq_from_init

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

7.8CVSS6.6AI score0.00175EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score
Exploits0
CVE
CVE
added 2 days ago11 views

CVE-2026-7185

CVE-2026-7185 concerns TAO 2.0 suite web features for file management/upload that suffer a validation vulnerability allowing an attacker with access to the feature to attempt to access file system resources outside the intended scope. Affected: TAO 2.0 web components handling file operations. Roo...

6CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-7185 Unauthorized access to files in T-Systems products

A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This vulnerability could allow an attacker capable of interacting with the affected feature to attempt to access file system resources outside the...

6CVSS
Exploits0References1
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41874

A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This vulnerability could allow an attacker capable of interacting with the affected feature to attempt to access file system resources outside the...

6CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-14809

Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS0.00437EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

USN-8508-1 linux-nvidia-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...

9.8CVSS6.2AI score0.00817EPSS
Exploits9References85
Vulnrichment
Vulnrichment
added 2 days ago3 views

CVE-2026-9165 Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...

7.7CVSS5.9AI score0.0026EPSS
Exploits0References4
CVE
CVE
added 2 days ago12 views

CVE-2026-9165

Summary : A flaw in Red Hat Advanced Cluster Security for Kubernetes (RHACS) Central allows unbounded GraphQL query depth on the authenticated GraphQL API, enabling a token-authenticated user to issue deeply nested queries that exhaust resources and cause a denial of service to the management pla...

7.7CVSS5.9AI score0.0026EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-9165

A flaw was found in Red Hat Advanced Cluster Security for Kubernetes RHACS. Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central...

7.7CVSS5.9AI score0.0026EPSS
Exploits0References5
NVD
NVD
added 2 days ago4 views

CVE-2026-14808

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password...

9.8CVSS0.00507EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-11962

The FileOrganizer WordPress plugin before 1.2.0 does not validate the file type on several of its file-management operations, allowing authenticated users who have been granted file-manager access — which its premium add-on can extend to sub-administrator roles — to upload arbitrary PHP files and...

8.8CVSS0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-46590 Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle managers deserialize persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of CVE-2026-40048)

Deserialization of Untrusted Data vulnerability in Apache Camel PQC component. The camel-pqc component persists post-quantum key metadata KeyMetadata through pluggable KeyLifecycleManager implementations. HashicorpVaultKeyLifecycleManager and AwsSecretsManagerKeyLifecycleManager read that metadat...

0.00191EPSS
Exploits0References1
CVE
CVE
added 2 days ago8 views

CVE-2026-14809

CVE-2026-14809 affects PROG MIS’s Prog Management System. The connected CVE records confirm an SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands and read database contents. The description does not specify the exact vulnerable component, versi...

8.7CVSS6.2AI score0.00437EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41822

Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS6.2AI score0.00437EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-14809 PROG MIS|Prog Management System - SQL Injection

Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS0.00437EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-14809

Prog Management System developed by PROG MIS has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

8.7CVSS6.2AI score0.00437EPSS
Exploits0References3
CVE
CVE
added 2 days ago12 views

CVE-2026-14808

CVE-2026-14808 concerns the Prog Management System from PROG MIS, with an exposed sensitive-information vulnerability. Unauthenticated remote attackers can access a specific page and obtain the database account and password, leading to high-impact confidentiality and integrity risks (CVSS ~9.3–9....

9.8CVSS6AI score0.00507EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-14808 PROG MIS|Prog Management System - Exposure of Sensitive Information

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password...

9.8CVSS0.00507EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-14808

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password...

9.8CVSS6AI score0.00507EPSS
Exploits0References3
Rows per page
Query Builder