Lucene search
K

10967 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 3:50 a.m.8 views

CVE-2026-41846 Spring Framework Cross-site Scripting via JSP Form Tags

Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through...

5.9CVSS5.4AI score0.0014EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/09 2:21 a.m.9 views

SUSE CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

5.5CVSS5.3AI score0.00126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-48100

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

5.4CVSS6.5AI score0.00937EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47955

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-48037

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...

5.4CVSS6.8AI score0.00505EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Office Project Server 跨站脚本漏洞

Microsoft Office Project Server is an enterprise-level project and project portfolio management platform open-sourced by Microsoft. Microsoft Office Project Server has a cross-site scripting vulnerability, which stems from improper input during web page generation. This vulnerability could allow...

5.4CVSS6.7AI score0.00505EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.2AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which allows backend users with access to the Recycler module to restore unauthorized pages or soft-deleted records on tables. The following versions are...

5.3CVSS5.3AI score0.00238EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Spring Framework 跨站脚本漏洞

The Spring Framework is an application development framework developed by Spring in open source. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 have cross-site scripting vulnerabilities. These vulnerabilities stem from the cssClass, cssErrorClass, or cssStyle...

6.1CVSS5.2AI score0.0014EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2209)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

9.8CVSS7AI score0.96775EPSS
Exploits230References88
RedhatCVE
RedhatCVE
added 2026/06/08 6:27 p.m.13 views

CVE-2026-46309

A flaw was found in the Linux kernel's drm/xe/uapi component. This vulnerability allows a Graphics Processing Unit GPU using cohnone coherency mode to bypass CPU caches and read stale sensitive data directly from Dynamic Random-Access Memory DRAM. This can lead to information disclosure, where da...

7CVSS5.5AI score0.00119EPSS
Exploits0References4
NVD
NVD
added 2026/06/08 5:16 p.m.12 views

CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 5:16 p.m.7 views

CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 5:16 p.m.9 views

CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

7.8CVSS0.00126EPSS
Exploits0References6
OSV
OSV
added 2026/06/08 5:16 p.m.6 views

UBUNTU-CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.3AI score0.00166EPSS
Exploits0References6
OSV
OSV
added 2026/06/08 5:16 p.m.5 views

UBUNTU-CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

7.8CVSS5.3AI score0.00126EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/08 3:41 p.m.39 views

CVE-2026-46280 lib: test_hmm: evict device pages on file close to avoid use-after-free

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

7.8CVSS0.00126EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 3:41 p.m.9 views

EUVD-2026-35145

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

5.4AI score0.00126EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:41 p.m.6 views

CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

7.8CVSS5.4AI score0.00126EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:41 p.m.7 views

CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

5.3AI score0.00166EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder