Lucene search
+L

7590 matches found

Cvelist
Cvelist
added 2026/06/30 12:35 p.m.34 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS0.00282EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 12:35 p.m.4 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS6AI score0.00282EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.16 views

PT-2026-53992

Name of the Vulnerable Software and Affected Versions DCMTK affected versions not specified Description A compromised or malicious server can force a client to write files outside the designated output directory. This occurs when the client uses the bit-preserving C-GET storage mode, allowing the...

9.8CVSS5.8AI score0.00435EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-53877

Name of the Vulnerable Software and Affected Versions hostapd versions 2.11 through 2.11 Description A missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted managemen...

7.1CVSS5.9AI score0.00282EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2026/06/29 7:50 p.m.6 views

kernel: RDMA/umem: Fix double dma_buf_unpin in failure path

A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...

7.8CVSS7AI score0.00139EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:21 p.m.6 views

CVE-2026-57953

Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventingimportautomaticwebhook endpoint registered under spectator-permitted middleware. Attackers with spectator role can...

5.4CVSS5.8AI score0.00249EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 5:21 p.m.36 views

CVE-2026-57952 Mythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUID

Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints c2profileconfigcheckwebhook, c2profileredirectruleswebhook, c2profilegetiocwebhook, c2profilesamplemessagewebhook that fail to verify payload ownership. An operator in one operation can invoke these...

6CVSS0.00171EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 5:21 p.m.30 views

CVE-2026-57952

Mythic before 3.4.0.60 contains an authorization bypass in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpo...

6.5CVSS5.8AI score0.00171EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/29 5:20 p.m.34 views

CVE-2026-57951 Mythic < 3.4.0.60 - Broken Permission Filter in payload_build_step Table

Mythic before 3.4.0.60 contains a broken hasura permission filter on the payloadbuildstep table with an always-satisfied or condition that bypasses operation-scoped access controls. Authenticated operators and spectators can query payloadbuildstep to read stepstdout, stepstderr, stepname, and...

7.1CVSS0.00246EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 1:12 p.m.12 views

CVE-2026-53122

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.5CVSS5.8AI score0.00179EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 8:36 a.m.9 views

CVE-2026-53319

A flaw was found in the Linux kernel's block writeback throttling blk-wbt component. The wbtinitenabledefault function used a warning mechanism WARNONONCE for expected failure paths during memory allocation or if writeback throttling was already registered. This could lead to spurious warnings, b...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53669

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description A broken Hasura permission filter exists on the payload build step table. This issue involves an always-satisfied or condition that bypasses operation-scoped access controls. Consequently,...

7.1CVSS6AI score0.00246EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53671

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description An authorization bypass exists that allows authenticated users with the spectator role to perform unauthorized write operations. This occurs because the 'eventing import automatic webhook' endpoint...

5.4CVSS6AI score0.00249EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53670

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description An authorization bypass exists in four REST endpoints: 'c2profile config check webhook', 'c2profile redirect rules webhook', 'c2profile get ioc webhook', and 'c2profile sample message webhook'. The...

6.5CVSS5.9AI score0.00171EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service Do...

5.5CVSS6.1AI score0.00126EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with ...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:9 a.m.4 views

locking/rtmutex: Skip remove_waiter() when waiter is not enqueued

...

5.5CVSS5.9AI score0.00128EPSS
Exploits0
CVE
CVE
added 2026/06/26 7:41 p.m.18 views

CVE-2026-53320

Technical details of CVE-2026-53320 are not publicly provided in the supplied documents; no vendor/product/patch information is confirmed here. Monitor for updates.

5.5CVSS5.8AI score0.00121EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/26 5:51 p.m.12 views

EUVD-2026-36190

ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 5:51 p.m.2 views

GHSA-P9RQ-Q46C-G4X6 ImageMagick has Null Pointer Dereference caused by the distort operation when passing incorrect arguments

When passing incorrect arguments in the distort operation a null pointer deference will occur...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References4
Rows per page
Query Builder