Lucene search
K

10965 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drivers/virt/acrn: Fixed the PFNMAP PTE checks in acrnvmrammap. The patch series “mm: Improvements to followpte and fixes for acrn followpte”. Patch 1 fixes a number of issues I identified in the acrn driver. It’s just compile...

7.8CVSS6.5AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Fixed the issue where pages were unpinned when an access was present. syzkaller discovered that the calculation of batchlastindex should use ‘startindex’, because when this function is called, the batch is either empt...

5.5CVSS6.7AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed data corruption during writeback operations. The cifswriteback mechanism does not properly handle the situation where cifsextendwriteback reaches a point where an additional folio needs to be processed. This could...

7.8CVSS6.9AI score0.00282EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 5:16 p.m.12 views

CVE-2026-11982

Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14 contains a stored cross-site scripting XSS vulnerability in the Admin2 Pages API save flow...

5.1CVSS0.00299EPSS
Exploits0References4
CVE
CVE
added 2026/06/18 4:22 p.m.17 views

CVE-2026-11982

Technical details about this CVE are not publicly available in the provided documents. Monitor for updates and refer to the cited references for any forthcoming specifics.

5.1CVSS4.8AI score0.00299EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/18 4:22 p.m.11 views

EUVD-2026-37916

Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14 contains a stored cross-site scripting XSS vulnerability in the Admin2 Pages API save flow...

5.1CVSS4.8AI score0.00299EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/18 4:22 p.m.17 views

CVE-2026-11982 Stored XSS via missing XSS safety check in Admin2 Pages API partial validation

Grav 2.0.0-rc.9 with Admin2 2.0.0-rc.14 contains a stored cross-site scripting XSS vulnerability in the Admin2 Pages API save flow...

5.1CVSS0.00299EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/18 10:21 a.m.22 views

CVE-2026-54419 PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query

claudiopizzillo PIAF-HMS PBX-In-A-Flash Hotel Management System; no released versions, latest commit 389d2633441b65ced1c104212cd62be2bfca21e5 contains multiple unauthenticated SQL injection vulnerabilities. The application has no authentication mechanism and passes user-supplied HTTP parameters...

9.8CVSS0.00587EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.18 views

PT-2026-50696

Name of the Vulnerable Software and Affected Versions Grav version 2.0.0-rc.9 with Admin2 version 2.0.0-rc.14 Description A stored cross-site scripting XSS issue exists in the Admin2 Pages API save flow due to a missing XSS safety check during partial validation. Stored XSS occurs when an...

5.1CVSS5.8AI score0.00299EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.5 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.5 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/16 2:38 p.m.10 views

Server-side Request Forgery (SSRF)

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the prerenderedErrorPageFetch. An attacker can access sensitive information or interact with...

8.2CVSS5.8AI score0.00196EPSS
Exploits0References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.310 views

PhpMyAdmin <4.8.2 - Local File Inclusion

PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include view and potentially execute files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted...

8.8CVSS7.7AI score0.98391EPSS
Exploits20References5
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-50168

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.55 n8n versions prior to 2.25.7 n8n versions prior to 2.26.2 Description An authenticated user with workflow edit access can inject arbitrary JavaScript into the page generated by the Chat Trigger by providing a...

7.6CVSS6.1AI score0.0021EPSS
Exploits0References6
Malwarebytes
Malwarebytes
added 2026/06/15 8:17 p.m.13 views

Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software

During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure distributing malware, malicious documents, remote desktop software, and phishing pages. EtherRAT is a...

6.6AI score
Exploits0
EUVD
EUVD
added 2026/06/13 12:34 a.m.9 views

EUVD-2026-36630

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

5.3AI score0.00118EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 10:16 p.m.12 views

CVE-2026-41158

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

7.8CVSS0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 9:57 p.m.17 views

CVE-2026-41158

Summary of CVE-2026-41158: The vulnerability concerns GPU DDK where backed sparse PMRs are not handled by the deferred free mechanism after shrink, allowing a non-privileged user to perform GPU system calls that write to arbitrarily freed physical pages. The root cause is that physical memory all...

7.8CVSS5.3AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 9:57 p.m.30 views

CVE-2026-41158 GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 9:57 p.m.5 views

CVE-2026-41158 GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

5.3AI score0.00118EPSS
Exploits0References1
Rows per page
Query Builder