
5499 matches found

CVE
added 2026/06/25 8:39 a.m., 10 views

CVE-2026-53262

CVE-2026-53262 affects the Linux kernel ioctl path for the pppol2tp module (l2tp) where pppol2tp_ioctl() dereferenced sock->sk->sk_user_data without proper locking while a sleep could occur during copy_from_user(). If a concurrent socket close happened, l2tp_session_close() could free the s...

7.8 CVSS | 5.8 AI score | 0.00125 EPSS
Exploits: 0 | References: 4
EUVD
added 2026/06/25 8:39 a.m., 6 views

EUVD-2026-39213

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() pppol2tp_ioctl() read sock->sk->sk_user_data directly without any locks or reference counting. If a controllable sleep was induced during copy_from_user(), e.g. via a userfaultfd pag...

5.8 AI score | 0.00125 EPSS
Exploits: 0 | References: 4
Cvelist
added 2026/06/25 8:39 a.m., 26 views

CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() pppol2tp_ioctl() read sock->sk->sk_user_data directly without any locks or reference counting. If a controllable sleep was induced during copy_from_user(), e.g. via a userfaultfd pag...

7.8 CVSS | 0.00125 EPSS
Exploits: 0 | References: 4
ATTACKERKB
added 2026/06/25 8:39 a.m., 5 views

CVE-2026-53194

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105_prepare_write_buffer() is called by the generic write path with the bulk-out buffer and its size bulk_out_size, 64 bytes. It stores a two-byte length header at the start of t...

6 AI score | 0.00146 EPSS
Exploits: 0 | References: 9 | Affected Software: 1
Tenable Nessus
added 2026/06/25 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path The DEVMAP_HASH branch in dev_map_redirect_multi() uses hlist_for_each_entry_safe() to iterate hash buckets, but...

7.8 CVSS | 5.8 AI score | 0.00132 EPSS
Exploits: 0 | References: 4
NVD
added 2026/06/24 5:17 p.m., 11 views

CVE-2026-53068

In the Linux kernel, the following vulnerability has been resolved: drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performe...

7.1 CVSS | 0.00117 EPSS
Exploits: 0 | References: 8
AstraLinux
added 2026/06/24 3:11 p.m., 3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string parameters We have added validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes caused by malformed format strings...

6 AI score | 0.00173 EPSS
Exploits: 0 | References: 2
EUVD
added 2026/06/24 1:21 p.m., 6 views

EUVD-2026-38789

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6 CVSS | 5.9 AI score | 0.00345 EPSS
Exploits: 0 | References: 3
ATTACKERKB
added 2026/06/24 1:21 p.m., 16 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6 CVSS | 5.9 AI score | 0.00345 EPSS
Exploits: 0 | References: 4
ATTACKERKB
added 2026/06/24 12:49 p.m., 6 views

CVE-2026-13163

Open redirect vulnerability CWE-601 in the saferedirect function of the click-tracking endpoint /c// in Mailerup 1.0.0 on all platforms allows remote unauthenticated attackers to redirect victims to arbitrary external sites and conduct phishing attacks via a crafted u query parameter, because the...

5.3 CVSS | 6.1 AI score | 0.00329 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2026/06/24 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-52918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: serialize accept_q access bt_sock_poll() walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last...

8.8 CVSS | 5.8 AI score | 0.00266 EPSS
Exploits: 0 | References: 4
EUVD
added 2026/06/23 6:17 p.m., 8 views

EUVD-2026-38569

Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes gi_frame, f_back, f_builtins do NOT...

9.8 CVSS | 6.2 AI score | 0.0045 EPSS
Exploits: 2 | References: 1
NVD
added 2026/06/23 4:17 p.m., 13 views

CVE-2026-56692

NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment filenames using only isSafeAttachmentName before copying with fs.copyFileSync, which follows symlinks...

6.8 CVSS | 0.00131 EPSS
Exploits: 0 | References: 3
NVD
added 2026/06/22 2:17 p.m., 9 views

CVE-2026-56446

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

8.7 CVSS | 0.00383 EPSS
Exploits: 0 | References: 1
Wiz blog
added 2026/06/22 1:21 p.m., 25 views

Cloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for Windows

Secure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure...

5.5 AI score
Exploits: 0
RedhatCVE
added 2026/06/22 4:17 a.m., 7 views

CVE-2026-12022

The following flaw was identified in the Chromium browser: Race Safe Browsing. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516929496...

8.3 CVSS | 5.8 AI score | 0.00166 EPSS
Exploits: 0 | References: 5
Microsoft CVE
added 2026/06/19 2:0 p.m., 15 views

Chromium: CVE-2026-12454 Race in Safe Browsing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3 CVSS | 5.8 AI score | 0.00146 EPSS
Exploits: 0
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Thunderbird, Firefox, NSS

An attacker could create a PKCS 12 certificate bundle in a way that allows arbitrary memory writes through the mishandled Safe Bag attributes of PKCS 12. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8 CVSS | 7 AI score | 0.00817 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Google Chrome’s Safe Browsing feature before version 127.0.6533.72 allowed a remote attacker who convinced a user to perform certain UI gestures to bypass discretionary access control through a malicious file. Chromium security severity: Low...

8.8 CVSS | 6.9 AI score | 0.00403 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Google Chrome’s Safe Browsing feature before version 127.0.6533.72 allowed a remote attacker who convinced a user to perform certain UI gestures to bypass discretionary access control through a malicious file. Chromium security severity: Low...

4.3 CVSS | 6.9 AI score | 0.00366 EPSS
Exploits: 0 | References: 2