Lucene search
K

4875 matches found

NVD
NVD
added 2026/06/04 2:16 p.m.14 views

CVE-2026-40605

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS0.00303EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/04 1:4 p.m.20 views

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

4.7CVSS5.8AI score0.00106EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/04 12:50 p.m.11 views

EUVD-2026-34256

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.1, a path traversal vulnerability in the cache deletion endpoint allows authenticated API access to delete directories outside the configured cache path. This can cause arbitrary data loss and...

7.1CVSS5.9AI score0.00303EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.16 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Commons Lang vulnerability (USN-8364-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8364-1 advisory. It was discovered that Apache Commons Lang incorrectly handled recursion in the ClassUtils.getClass...

5.3CVSS6.7AI score0.02164EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/03 2:29 p.m.8 views

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition via the unicodedata.normalize function. An attacker can cause excessive CPU consumption by submitting specially crafted Unicode input, potentially leading to service disruption. Remediation A fix was...

6.9CVSS5.5AI score0.00492EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 5:16 p.m.14 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

7.5CVSS0.00437EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.30 views

CVE-2026-37232

An issue was discovered in OpenAirInterface5G 2.4.0 nr-softmodem in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fillRRUPrbTotDl and fillRRUPrbTotUl in openair2/E2AP/RANFUNCTION/O-RAN/ranfunckpmsubs.c lines 182 and 197 compute PRB usage percentages by dividing by...

0.00393EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.11 views

PT-2026-45453

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

5.8AI score0.00437EPSS
Exploits0References3
Redos
Redos
added 2026/05/29 12:0 a.m.11 views

ROS-20260529-73-0012

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the ability to bypass authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

8.1CVSS5.8AI score0.00376EPSS
Exploits0
Redos
Redos
added 2026/05/29 12:0 a.m.13 views

ROS-20260529-73-0026

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

9.9CVSS6.3AI score0.00856EPSS
Exploits1
Snyk
Snyk
added 2026/05/26 11:38 p.m.13 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview @fedify/fedify is an An ActivityPub server framework Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize through manipulation of JSON-LD document structure using keywords such as @graph, @included, and @reverse. An attacker can alter...

8.3CVSS5.9AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 5:26 p.m.11 views

EUVD-2025-209936

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

4.4CVSS5.8AI score0.00175EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:56 p.m.11 views

CVE-2026-48131

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service temporary disruption of VPN-related functionality...

8.1CVSS5.8AI score0.02658EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 11:43 a.m.32 views

CVE-2025-11482

The vulnerability CVE-2025-11482 concerns the OPC-UA Server component used in PPT30. An unauthenticated, network-based attacker can exploit an Allocation of Resources Without Limits or Throttling vulnerability on affected systems running operating system versions before 1.8.0, potentially renderi...

8.7CVSS5.8AI score0.00322EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/26 3:28 a.m.9 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via the loadFromSharedState function. An attacker can cause unauthorized disclosure of information, modification of data, or disruption of service by supplying specially crafted input to th...

7.5CVSS7.1AI score0.00401EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.10 views

SUSE CVE-2026-44059

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS5.8AI score0.00065EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.7 views

SUSE CVE-2026-44065

An off-by-two error in lpwrite in papd in Netatalk 2.0.0 through 4.4.2 allows an adjacent network attacker to modify limited data or cause a minor service disruption via crafted print data...

4.2CVSS5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.14 views

SUSE CVE-2026-44066

Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to obtain sensitive information or cause a minor service disruption...

7.1CVSS5.9AI score0.0029EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.15 views

SUSE CVE-2026-44067

A heap over-read in extended attribute EA header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via crafted EA data...

4.2CVSS5.8AI score0.00292EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.13 views

SUSE CVE-2026-44074

Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...

3.7CVSS5.8AI score0.00329EPSS
Exploits0References3
Rows per page
Query Builder