Lucene search
+L

4722 matches found

Nuclei
Nuclei
added 8 hours ago23 views

Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

5.8CVSS5.9AI score0.02698EPSS
Exploits1References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-45004

An issue was discovered in cyrus-imapd in Cyrus IMAP through 3.12.2. There is an XAPPLEPUSHSERVICE folder existence oracle and push hijack. An authenticated IMAP user could probe for the existence of arbitrary mailboxes on other users' accounts via the XAPPLEPUSHSERVICE command and then create...

3.1CVSS6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in @amedit/vercel-builder-probe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...

6.1AI score
Exploits0References5
OSV
OSV
added 3 days ago4 views

MAL-2026-10548 Malicious code in @amedit/vercel-builder-probe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...

6.1AI score
Exploits0References5
EUVD
EUVD
added 2026/07/06 6:15 a.m.8 views

EUVD-2026-41814

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/06 6:15 a.m.34 views

CVE-2026-14801 GPAC TeXML File load_text.c txtin_probe_duration divide by zero

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS0.00112EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.8 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53344

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp-dev and mcp-addr before regmap init Regmap initialization triggers regcachemaplepopulate which attempts SPI read to populate cache. SPI read requires mcp-dev and mcp-addr to be set, without them,...

0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53344

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp-dev and mcp-addr before regmap init Regmap initialization triggers regcachemaplepopulate which attempts SPI read to populate cache. SPI read requires mcp-dev and mcp-addr to be set, without them,...

5.7AI score0.00145EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 12:21 p.m.15 views

MAL-2026-6722 Malicious code in date-fns-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4694a079d83e33dcee7f87140c41737009d9f0b19f351c23f2ae3dbce9a47a51 [email protected] presents as a lightweight date-formatting utility but ships a malicious postinstall.js that runs automatically on npm install. T...

5.9AI score
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 1:21 p.m.8 views

CVE-2026-53204

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 9:29 a.m.7 views

CVE-2026-53296

A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free UAF condition. A Use-After-Free UAF is a memory corruption vulnerability tha...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 7:53 a.m.8 views

CVE-2026-53280

A flaw was found in the Linux kernel's Input-Output Memory Management Unit IOMMU component. This vulnerability occurs when a default IOMMU domain fails to allocate during the initial probe, leading to a NULL pointer dereference. This can cause a system crash, resulting in a Denial of Service DoS...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 6:16 a.m.26 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS0.00122EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 6:16 a.m.4 views

UBUNTU-CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 4:53 a.m.25 views

CVE-2026-53325

CVE-2026-53325 affects the Linux kernel’s AGP AMD64 driver. The root cause is broken error propagation in agp_amd64_probe(): when no AMD northbridges are found, cache_nbs() returns a negative error code (e.g., -ENODEV), but the probe incorrectly checks for exactly -1. This allows initialization t...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/29 4:53 a.m.45 views

CVE-2026-53325 agp/amd64: Fix broken error propagation in agp_amd64_probe()

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

0.00122EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/06/29 4:53 a.m.11 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 3:20 a.m.10 views

Malicious code in rebrandly-domains-digger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...

5.8AI score
Exploits0References2
Rows per page
Query Builder