Lucene search
K

1978 matches found

Nuclei
Nuclei
added 15 hours ago14 views

Yonyou YonBIP - Path Traversal

Yonyou YonBIP v3 and before contains a path traversal caused by improper validation in the LoginWithV8 interface of the series data application service system, letting unauthorized attackers access sensitive information. id: CVE-2025-66744 info: name: Yonyou YonBIP - Path Traversal author:...

7.5CVSS7AI score0.01446EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43004

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS6.1AI score0.00452EPSS
Exploits0References4
CVE
CVE
added 2 days ago17 views

CVE-2026-55827

CVE-2026-55827 affects FreeRDP prior to 3.27.1. When clients start with the non-default /cache:codec:rfx option, FreeRDP passes desktop stride/height to RemoteFX decoding for Cache Bitmap V3 data and allocates bitmap->data only for the smaller DstWidth/DstHeight in gdi_Bitmap_Decompress, enabl...

7.5CVSS6.1AI score0.00452EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2 days ago6 views

CVE-2026-55827

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...

7.5CVSS6.1AI score0.00452EPSS
Exploits0
Circl
Circl
added 2026/06/27 12:42 a.m.14 views

GHSA-QRV3-253H-G69C

creationtimestamp| type| source ---|---|--- 2026-06-27 00:42:18+00:00| seen| https://gist.github.com/alon710/ce97a7a2201a10b1242cd90e0ea16a7d...

5.8AI score
Exploits0References1
NVD
NVD
added 2026/06/21 11:16 p.m.12 views

CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS0.01182EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 12:0 a.m.7 views

UBUNTU-CVE-2026-42530

NGINX Open Source has a vulnerability in the ngxhttpv3modulemodule...

9.2CVSS6.1AI score0.03225EPSS
Exploits3References4
OSV
OSV
added 2026/06/18 2:1 p.m.6 views

ROOT-APP-GOBINARY-CVE-2026-42296 CVE-2026-42296 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root

Root has patched CVE-2026-42296 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...

8.1CVSS5.8AI score0.00424EPSS
Exploits2
OSV
OSV
added 2026/06/18 2:1 p.m.9 views

ROOT-APP-GOBINARY-CVE-2024-53862 CVE-2024-53862 in rootio-github.com/argoproj/argo-workflows/v3 - Patched by Root

Root has patched CVE-2024-53862 in the rootio-github.com/argoproj/argo-workflows/v3 package for Root:Go. Multiple fixed versions available...

7.5CVSS6AI score0.00656EPSS
Exploits1
EUVD
EUVD
added 2026/06/16 9:32 p.m.14 views

EUVD-2026-37216

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.18 views

CVE-2026-0133

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00067EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 a.m.9 views

PUB-A-373409261

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00067EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 6:39 p.m.13 views

CVE-2026-46146

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture usb-audio subsystem. This vulnerability exists in the convertchmapv3 function, where the csdesc-wLength value is not properly validated. A malicious actor could provide a specially crafted, malformed USB audio descripto...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.8 views

CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.27 views

CVE-2026-46146

CVE-2026-46146 affects the Linux kernel's ALSA USB audio stack, specifically the convert_chmap_v3() routine. A loop uses cs_desc->wLength for increment but this value isn’t validated, allowing a potential endless loop with malformed descriptors. The issue is resolved by adding a proper size ch...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.14 views

CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.22 views

PT-2026-44269

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ALSA usb-audio component within the convert chmap v3 function. The function contains a loop that uses the cs desc-wLength variable to determine the increment size...

9.8CVSS6AI score0.03663EPSS
Exploits11References293
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.15 views

PT-2026-42636

Impact Users are impacted if: - They have a caveat structure with a nested list, e.g.: zed caveat shapex list x == "a", "b" - Their system exercises that caveat with either CheckBulkPermission or else LookupResources running with the --experimental-lookup-resources-version flag set to lr3, implyi...

2.3CVSS5.8AI score
Exploits0References4
Rows per page
Query Builder