Lucene search
K

8276 matches found

NVD
NVD
added 2026/06/08 5:16 p.m.7 views

CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

0.00166EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:41 p.m.7 views

CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

5.3AI score0.00166EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/08 3:41 p.m.10 views

EUVD-2026-35144

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

5.4AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.8 views

CVE-2026-49299

A flaw was found in OpenStack Neutron. The tagging controller incorrectly enforces plural policy action names for single-tag write operations, while the defined policy rules use singular names. This mismatch allows a project reader to bypass intended policy restrictions, enabling them to create a...

5.3CVSS5.7AI score0.00295EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.11 views

PT-2026-47617

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

5.3CVSS5.5AI score0.00082EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.9 views

PT-2026-47570

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

5.3CVSS5.5AI score
Exploits0References3
Amazon
Amazon
added 2026/06/08 12:0 a.m.9 views

Medium: python3.13

Issue Overview: http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie valu...

6.1CVSS5.4AI score0.00229EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47351

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description An issue exists in the memory management system where page ext is initialized late during the boot process. Consequently, some pages allocated and freed before page ext becomes available ha...

9.1CVSS5.4AI score0.00457EPSS
Exploits1References62
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.10 views

RadKey: An LLM-Guided RF Backscatter System for Through-Wall Keystroke Inference

In today's digitally connected world, keyboards remain the primary interface for inputting sensitive information, making them a persistent target for eavesdropping attacks. While prior keystroke inference techniques have exploited side-channel signals such as acoustics and vibrations, they...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

TencentOS Server 4: vim (TSSA-2026:0300)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0300 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.6CVSS5.6AI score0.00501EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/08 12:0 a.m.16 views

Important: ecs-init

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.8AI score0.00813EPSS
Exploits0
Friends Of PHP
Friends Of PHP
added 2026/06/06 4:27 p.m.4 views

Chacha20Poly1305 key-encryption algorithm discards the Poly1305 authentication tag, performing no authentication on decryption

Impact The experimental Chacha20Poly1305 key-encryption algorithm generates the 16-byte Poly1305 authentication tag during encryptKey but discards it: the tag is never written to the header and therefore never reaches the wire. On the receiving side, decryptKey calls...

5.5AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.1 : vim (EulerOS-SA-2026-2154)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans...

7.5CVSS6.8AI score0.00284EPSS
Exploits1References3
OSV
OSV
added 2026/06/05 9:45 p.m.7 views

GHSA-5X67-J5XG-C5GJ Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...

4.3CVSS5.5AI score0.00056EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/05 9:45 p.m.12 views

Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...

5.5AI score0.00056EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.7 views

CVE-2026-10729

An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting XSS in emails clients that render HTML emails. This issue affects Canarytokens: fr...

2.1CVSS5.5AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-9608

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8CVSS3.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.15 views

CVE-2026-39823

CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the attribute, the escaper would fail to similarly escape it, leading to XSS...

6.1CVSS7.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.7 views

CVE-2026-3673

An authenticated attacker can store a crafted tag value in usertags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interpolates tag content into HTML attributes and element content without escaping. This issue affects...

5.4CVSS5.7AI score0.00201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-3454

The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.0. This is due to missing object-level authorization checks in the /wp-json/generateblocks/v1/dynamic-tag-replacements REST endpoint. The endpoint only verifies that...

6.5CVSS5.5AI score0.00539EPSS
Exploits0References1
Rows per page
Query Builder