Lucene search

12641 matches found

OSV
added 2026/06/09 2:16 p.m., 5 views

UBUNTU-CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use...

CVSS 8.4 | AI score 5.2 | EPSS 0.00132
Exploits: 0 | References: 3
CVE
added 2026/06/09 12:25 p.m., 22 views

CVE-2026-46326

CVE-2026-46326 affects the Linux kernel driver iio: pressure: mprls0025pa. The root cause is improper initialization of the spi_transfer structure, with the patch ensuring the spi_transfer struct is zeroed out before use. The impact is high (local access with potential to read uninitialized memor...

CVSS 8.4 | AI score 5.4 | EPSS 0.00132
Exploits: 0 | References: 4
EUVD
added 2026/06/09 12:25 p.m., 10 views

EUVD-2026-35427

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use...

AI score 5.4 | EPSS 0.00132
Exploits: 0 | References: 4
RedhatCVE
added 2026/06/09 8:59 a.m., 12 views

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVSS 9 | AI score 8.2 | EPSS 0.03799
Exploits: 0 | References: 1
CVE
added 2026/06/09 8:46 a.m., 25 views

CVE-2026-46747

The CVE-2026-46747 issue affects SINEC INS (all versions

CVSS 5.3 | AI score 5.4 | EPSS 0.00242
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2026/06/09 8:46 a.m., 33 views

CVE-2026-46747

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application does not properly sanitize path input in the GET /api/sftp/uploadFiles endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended fil...

CVSS 5.3 | EPSS 0.00242
Exploits: 0 | References: 1
IBM Security Bulletins
added 2026/06/09 8:4 a.m., 7 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to FTP command injection and denial of service due to Node.js module basic-ftp ( CVE-2026-39983 & CVE-2026-41324 )

Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to FTP command injection and denial of service due to Node.js module basic-ftp. Vulnerability Details CVEID:CVE-2026-399...

CVSS 8.6 | AI score 5.6 | EPSS 0.02185
Exploits: 2 | Affected Software: 1
Packet Storm News
added 2026/06/09 12:0 a.m., 8 views

Assessing Automated Prompt Injection Attacks in Agentic Environments

Indirect prompt injection poses a critical threat to LLM agents that interact with untrusted external data, yet automated attack methods--proven effective for jailbreaking--remain underexplored in realistic agentic settings. We present a comprehensive empirical evaluation of automated prompt...

AI score 5.5
Exploits: 0
Positive Technologies
added 2026/06/09 12:0 a.m., 12 views

PT-2026-47784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mprls0025pa pressure sensor driver where the spi transfer structure is not properly zeroed out before use, which can lead to undefined behavior during SPI transfer...

CVSS 8.4 | AI score 5.8 | EPSS 0.00132
Exploits: 0 | References: 13
Packet Storm News
added 2026/06/09 12:0 a.m., 20 views

FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls

FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile(2), which can reference file-backed memory directly through...

AI score 5.5 | EPSS 0.00154
Exploits: 0
Positive Technologies
added 2026/06/09 12:0 a.m., 16 views

PT-2026-47632

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

CVSS 6.9 | AI score 5.5 | EPSS 0.00285
Exploits: 0 | References: 7
CNNVD
added 2026/06/09 12:0 a.m., 11 views

Tenda W15E Security Vulnerability

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function, which could allow attackers ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 1
ATTACKERKB
added 2026/06/08 3:11 p.m., 6 views

CVE-2026-44186

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

AI score 5.4 | EPSS 0.00562
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2026/06/08 3:11 p.m., 8 views

CVE-2026-44186 Apache HTTP Server: Loop in `proxy_ftp_handler` in mod_proxy_ftp

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled backend FTP server. This issue affects undefined: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

AI score 5.4 | EPSS 0.00562
Exploits: 0 | References: 1
Cvelist
added 2026/06/08 3:10 p.m., 81 views

CVE-2026-29170 Apache HTTP Server: mod_proxy_ftp XSS

A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

EPSS 0.00504
Exploits: 0 | References: 1
Cvelist
added 2026/06/08 2:12 p.m., 42 views

CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

Uncontrolled Resource Consumption vulnerability in ninenines gun gun_http module allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffering. In gun_http:handle/5, three clauses accumulate incoming TCP data into the connection's buffer field using binary concatenati...

CVSS 8.7 | EPSS 0.00381
Exploits: 0 | References: 3
Ubuntu
added 2026/06/08 1:38 p.m., 16 views

USN-8401-1: Netty vulnerabilities

It was discovered that Netty's HTTP proxy handler did not properly validate headers when constructing CONNECT requests. An attacker could possibly use this issue to inject arbitrary HTTP headers into CONNECT requests. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...

CVSS 9.8 | AI score 6.8 | EPSS 0.00818
Exploits: 6
NVD
added 2026/06/08 9:16 a.m., 10 views

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVSS 9 | EPSS 0.03799
Exploits: 0 | References: 6
NCSC
added 2026/06/08 8:31 a.m., 20 views

Vulnerabilities present in IBM Aspera High-Speed Transfer Endpoint and Server

IBM has identified vulnerabilities in the IBM Aspera High-Speed Transfer Endpoint and Server versions 3.7.4 through 4.4.7 Fix Pack 1. These vulnerabilities reside in the asperahttpd component of the IBM Aspera High-Speed Transfer Endpoint and Server products. A buffer overflow can lead to...

CVSS 9.8 | AI score 6.1 | EPSS 0.0058
Exploits: 0 | References: 1
EUVD
added 2026/06/08 6:45 a.m., 9 views

EUVD-2026-35028

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVSS 9 | AI score 8.3 | EPSS 0.03799
Exploits: 0 | References: 6