Lucene search
K

2337 matches found

CVE
CVE
added 2026/06/02 12:0 a.m.24 views

CVE-2026-38978

Transmission 4.1.1 and earlier is affected by a clickjacking weakness in its browser-facing WebUI and RPC response paths. The CVE entry CVE-2026-38978 records a MEDIUM severity with CVSS v3.1 metrics: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N, base score 5.3. Connected sources confirm vulnerable compon...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-45777

Name of the Vulnerable Software and Affected Versions transmission versions prior to 4.1.2 Description A clickjacking weakness exists in the browser-facing WebUI and RPC response paths. Clickjacking is a technique where an attacker uses transparent or opaque layers to trick a user into clicking o...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References14
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Transmission 安全漏洞

Transmission is an open-source BitTorrent client application developed by Transmission. This program primarily provides features such as file downloading. Versions of Transmission 4.1.1 and earlier contained security vulnerabilities, which were due to a click hijacking vulnerability in the...

5.3CVSS5.3AI score0.00305EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/02 12:0 a.m.9 views

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

5.3CVSS5.8AI score0.00305EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/29 2:46 p.m.8 views

CVE-2018-25384 Wikidforum 2.20 Cross-Site Scripting via reply_text Parameter

Wikidforum 2.20 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted HTML in the replytext parameter. Attackers can post comments containing JavaScript code through the rpc.php endpoint that executes in other users'...

5.4CVSS5.7AI score0.00215EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 2:6 a.m.13 views

EUVD-2026-33245

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 2:6 a.m.10 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/29 2:6 a.m.33 views

CVE-2026-7480

CVE-2026-7480 : An Incorrect Permission Assignment for Critical Resource vulnerability affects the ASUS System Control Interface. A local user can elevate privileges to SYSTEM and execute arbitrary code by sending a crafted RPC call that bypasses the validation mechanism. This description is supp...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 2:6 a.m.11 views

CVE-2026-7480

An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary code via a crafted RPC call that bypass the validation mechanism. Refer to the 'Security Update for ASUS System Control...

7.3CVSS6.2AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.26 views

PT-2026-44742

Name of the Vulnerable Software and Affected Versions ASUS System Control Interface affected versions not specified Description An incorrect permission assignment for critical resources in the ASUS System Control Interface allows a local user to elevate privileges to SYSTEM and execute arbitrary...

7.3CVSS6AI score0.00135EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 1:2 p.m.13 views

CVE-2026-48692

A flaw was found in FastNetMon Community Edition. The gRPC API server, exposed on port 50052, operates without any authentication mechanism. A remote attacker with local network access can exploit this vulnerability to ban arbitrary IP addresses, resulting in a denial of service for legitimate...

8.1CVSS6AI score0.00233EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:12 a.m.11 views

rxrpc: Fix conn-level packet handling to unshare RESPONSE packets

...

5.5CVSS5.4AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:3 a.m.7 views

rxrpc: Fix rxkad crypto unalignment handling

...

7.5CVSS5.4AI score0.00441EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:3 a.m.9 views

rxrpc: Fix memory leaks in rxkad_verify_response()

...

5.5CVSS5.4AI score0.00122EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.14 views

SUSE CVE-2026-45988

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packe...

4.8CVSS5.8AI score0.00457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.18 views

SUSE CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

5.5CVSS5.8AI score0.00159EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 9:5 p.m.12 views

CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.10 views

CVE-2026-45998

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...

7.8CVSS0.00129EPSS
Exploits0References9
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45988

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packe...

9.8CVSS0.00457EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS5.7AI score0.00403EPSS
Exploits0References7
Rows per page
Query Builder