Lucene search
K

2855 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006596 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents When merging very long extents we try to push as muc...

7.8CVSS5.7AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/04/07 5:16 p.m.3 views

CVE-2026-39384

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

7.6CVSS0.00235EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/07 4:5 p.m.2 views

CVE-2026-39384

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

7.6CVSS5.9AI score0.00235EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/07 4:5 p.m.1 views

CVE-2026-39384 FreeScout Customer Merge Cross-Mailbox Authorization Bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

7.6CVSS5.9AI score0.00235EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/07 4:5 p.m.25 views

CVE-2026-39384 FreeScout Customer Merge Cross-Mailbox Authorization Bypass

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

7.6CVSS0.00235EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/07 4:5 p.m.3 views

EUVD-2026-19740

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, FreeScout does not take the limitusercustomervisibility parameter into account when merging customers. This vulnerability is fixed in 1.8.212...

7.6CVSS5.9AI score0.00235EPSS
Exploits1References2
CVE
CVE
added 2026/04/07 4:5 p.m.20 views

CVE-2026-39384

Product/Component: FreeScout (Laravel PHP) Vulnerability summary: Prior to version 1.8.212, FreeScout does not take the limit_user_customer_visibility parameter into account when merging customers, enabling a cross-mailbox authorization bypass. Impact (as stated): Cross-mailbox visibility/authori...

7.6CVSS5.9AI score0.00235EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.10 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.212 contained security vulnerabilities, which were caused by the lack of consideration for the limitusercustomervisibility...

7.6CVSS5.8AI score0.00235EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

defu 安全漏洞

Defu is a lightweight tool library developed by UnJS for recursively merging default values. Versions of Defu prior to 6.1.5 contained security vulnerabilities; these vulnerabilities stemmed from the practice of passing uncleaned user input into the Defu functions, which could lead to prototype...

7.5CVSS5.8AI score0.00398EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/04 6:17 a.m.2 views

Prototype Pollution

Overview defu is a Recursively assign default properties. Lightweight and Fast! Affected versions of this package are vulnerable to Prototype Pollution via the defu function. An attacker can override default configuration values by supplying crafted input containing a proto key, which results in...

8.7CVSS6.4AI score0.00398EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/04 6:17 a.m.5 views

Prototype Pollution

Overview org.webjars.npm:defu is a Recursively assign default properties. Lightweight and Fast! Affected versions of this package are vulnerable to Prototype Pollution via the defu function. An attacker can override default configuration values by supplying crafted input containing a proto key,...

8.7CVSS6.4AI score0.00398EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/03 3:45 a.m.6 views

Prototype Pollution

Overview dompurify is a DOM-only XSS sanitizer for HTML, MathML and SVG. Affected versions of this package are vulnerable to Prototype Pollution in the USEPROFILES function. An attacker can execute arbitrary JavaScript code in the context of the user’s browser by polluting Array.prototype with...

6.1CVSS6.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstar...

5.5CVSS6.5AI score0.00218EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/04/02 11:28 p.m.3 views

SUSE CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

5.5CVSS5.7AI score0.00218EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/04/02 2:51 p.m.125 views

Exploit for CVE-2026-23416

CVE-2026-23416-POC POC for CVE-2026-23416 linux kernel 6.17-l...

5.9AI score0.00218EPSS
Exploits1
EUVD
EUVD
added 2026/04/02 12:31 p.m.8 views

EUVD-2026-18198

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

5.7AI score0.00218EPSS
Exploits1References4
OSV
OSV
added 2026/04/02 12:16 p.m.3 views

DEBIAN-CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

5.5CVSS5.2AI score0.00218EPSS
Exploits1References1
OSV
OSV
added 2026/04/02 12:16 p.m.5 views

UBUNTU-CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

5.5CVSS5.7AI score0.00218EPSS
Exploits1References3
CVE
CVE
added 2026/04/02 11:40 a.m.39 views

CVE-2026-23416

The CVE-2026-23416 issue affects the Linux kernel (mm/mseal) where vm_area_struct end handling could become stale during VMA merges. The root cause is curr_end not staying in sync when a VMA is updated via vma_modify_flags(), leading to an incorrect curr_start on the next iteration. The fix uncon...

5.5CVSS5.7AI score0.00218EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/02 11:40 a.m.7 views

CVE-2026-23416

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: update VMA end correctly on merge Previously we stored the end of the current VMA in currend, and then upon iterating to the next VMA updated currstart to currend to advance to the next VMA. However, this doesn't take...

5.7AI score0.00218EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder