Lucene search
+L

6109 matches found

EUVD
EUVD
added 2026/07/09 9:29 a.m.9 views

EUVD-2026-42557

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

4.6CVSS5.9AI score0.00115EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/09 9:29 a.m.6 views

CVE-2026-56289

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

4.6CVSS5.9AI score0.00115EPSS
Exploits0References4
CVE
CVE
added 2026/07/09 9:29 a.m.11 views

CVE-2026-56289

CVE-2026-56289 affects GNU patch. The vulnerability is a DoS caused by improper validation of hunk line offsets in unified-diff input, where a crafted patch can specify an extremely large line number, causing an effectively infinite processing loop and high CPU usage, rendering the process unresp...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/09 9:29 a.m.46 views

CVE-2026-56288 NULL Pointer Dereference in GNU patch

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

4.6CVSS0.00115EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 9:29 a.m.9 views

EUVD-2026-42556

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

4.6CVSS5.9AI score0.00115EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/09 9:29 a.m.8 views

CVE-2026-56288

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

4.6CVSS5.9AI score0.00115EPSS
Exploits0References4
CVE
CVE
added 2026/07/09 9:29 a.m.14 views

CVE-2026-56288

CVE-2026-56288 affects GNU patch. A NULL pointer dereference can occur while processing specially crafted unified-diff patch files due to improper handling of consecutive end-of-file newline markers, leading to a crash and denial of service. The issue is mitigated by the fixed patch in commit e6d...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.12 views

PT-2026-56776

Name of the Vulnerable Software and Affected Versions GNU patch affected versions not specified Description Improper validation of hunk line offsets in unified-diff input allows a denial of service DoS. A hunk is a single block of changes within a diff file. By supplying a specially crafted patch...

5.5CVSS6AI score0.00115EPSS
Exploits0References15
OSV
OSV
added 2026/07/02 7:37 p.m.4 views

GHSA-C8W6-X74F-VMG3 zebrad vulnerable to full node denial of service via crafted Sapling receiver in z_listunifiedreceivers

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your zebrad.toml sets rpc.listenaddr to a TCP address RPC server is enabled. 3. An attacker can authenticate to the RPC endpoint. With the default enablecookieauth = true, this requires the attacker to read the...

6.5CVSS5.8AI score
Exploits0References4
Fedora
Fedora
added 2026/07/01 1:22 a.m.14 views

[SECURITY] Fedora 43 Update: python-django-haystack-3.4.0-1.fc43

Haystack provides modular search for Django. It features a unified, familiar API that allows you to plug in different search backends such as Solr, Elasticsearch, Whoosh, Xapian, etc. without having to modify your code. Haystack is BSD licensed, plays nicely with third-party app without needing t...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-55214

Name of the Vulnerable Software and Affected Versions neuro-cortex-memory versions 3.17.0 and later Description Local arbitrary code execution is possible because the server treats the CLAUDE PROJECT DIR environment variable as a trusted source root. When the open visualization tool is invoked, t...

8.5CVSS6.5AI score
Exploits0References8
Wiz blog
Wiz blog
added 2026/06/29 1:39 p.m.11 views

Bridging the Visibility Gap: A Unified Security Operating Model for Hybrid Cloud Teams

Move beyond chasing vulnerabilities to a unified hybrid risk strategy. The Sensor Workload Scanner is now GA and extends our risk prioritization engine to on-premise environments to identify the critical attack paths across your hybrid cloud...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39378

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.6 views

CVE-2026-56023

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:12 p.m.15 views

CVE-2026-56023

The CVE concerns the WordPress plugin “UPI QR Code Payment Gateway for WooCommerce” (versions ≤ 1.6.2). The root cause is Broken Access Control, allowing unauthorized access with low privileges over a network. Metrics indicate a CVSS v3.1 base score of 5.4 (Medium) with Privileges Required: Low, ...

5.4CVSS5.9AI score0.00203EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/25 12:0 a.m.12 views

Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME contain a server-side request forgery SSRF Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that...

8.6CVSS5.9AI score0.41694EPSS
In wildExploits3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon...

6.1AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.13 views

CVE-2026-53113

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

0.00159EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38981

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

5.8AI score0.00159EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/24 6:50 a.m.11 views

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager Unified CM and Unified Communications Manager Session Management Edition Unified CM SME. The vulnerability, tracked as CVE-2026-20230 CVSS score: 8.6, is a case of improp...

8.6CVSS7.7AI score0.41694EPSS
Exploits3
Rows per page
Query Builder