Lucene search
K

392 matches found

RedHat Linux
RedHat Linux
added 2 days ago3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
CVE
CVE
added 2 days ago9 views

CVE-2026-22099

CVE-2026-22099 affects a charging station where Bluetooth commands do not require authentication. This leads to exposure of sensitive information, potential reboot triggering, and the ability to push a firmware update URL via Bluetooth. The issue is described with high impact on confidentiality, ...

8.7CVSS6.1AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-12270

The Everest Forms WordPress plugin before 3.5.0 does not correctly restrict access to several REST API endpoints belonging to its onboarding assistant: the capability check is only applied when an attacker-controllable request header holds a specific value, so it can be bypassed by omitting or...

6.5CVSS0.00179EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added last week5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
NVD
NVD
added last week8 views

CVE-2026-59257

n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated ... expression values directly into the raw SQL string without parameterization. When a workflow uses...

8.8CVSS0.00314EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 1:49 p.m.6 views

EUVD-2026-42269

n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated ... expression values directly into the raw SQL string without parameterization. When a workflow uses...

8.8CVSS6.3AI score0.00314EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 1:49 p.m.9 views

CVE-2026-59257

This CVE affects n8n before 1.123.61 and 2.x before 2.27.4, specifically the legacy MySQL v1 node’s executeQuery operation. The root cause is that evaluated {{ ... }} expression values are substituted directly into the raw SQL string without parameterization, enabling SQL injection when a workflo...

8.8CVSS6.3AI score0.00314EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/08 9:30 a.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/08 9:19 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56448

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.61 n8n versions prior to 2.27.4 n8n versions 2.28.0 through 2.28.0 Description A SQL injection issue exists in the legacy MySQL v1 node during the executeQuery operation. The system substitutes evaluated...

8.8CVSS6.3AI score0.00314EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/07 6:28 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:17 a.m.7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:9 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
OSV
OSV
added 2026/07/01 5:21 p.m.7 views

DRUPAL-CONTRIB-2026-067

This module enables you to test and run AI-driven workflows interactively through a chat interface. The module doesn't sufficiently enforce permissions on certain endpoints. Attackers may be able to trigger workflow execution incurring LLM spend and tool side effects or send messages into other...

5.4CVSS5.9AI score0.0023EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle an...

5.5CVSS6AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.11 views

EulerOS 2.0 SP15 : kernel (EulerOS-SA-2026-2444)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 bpf: Fix undefined behavior in interpreter sdiv/smod for INTMINCVE-2026-31525...

9.8CVSS7AI score0.96267EPSS
Exploits232References84
OSV
OSV
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53164 iommu/dma: Do not try to iommu_map a 0 length region in swiotlb

In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
OSV
OSV
added 2026/06/23 9:17 p.m.5 views

DEBIAN-CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:4 p.m.5 views

CVE-2026-56357

n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary data, spoofing GitHub webhoo...

6.3CVSS6AI score0.00186EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder