Lucene search
K

669 matches found

CVE
CVE
added yesterday7 views

CVE-2026-58426

The CVE-2026-58426 affects Gitea, specifically the Actions Artifacts V4 signed URL mechanism, where an HMAC ambiguity enables cross-repository artifact read and cross-task upload-state write. The vulnerability stems from how signed URLs are validated, allowing unauthorized access across repositor...

9.6CVSS5.9AI score
Exploits0References4
Nuclei
Nuclei
added yesterday17 views

MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting

paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...

6.1CVSS6.6AI score0.02574EPSS
Exploits6References4
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53012

CVE-2026-53012 : In the Linux kernel, a race/logic error allows IPv6 routes to reference an IPv4 nexthop because the has_v4 flag in groups is not updated when the nexthop family changes from AF_INET6 to AF_INET. The issue occurs when an IPv6 nexthop is replaced with an IPv4 nexthop and the has_v4...

5.7AI score0.00185EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: added error handling to avoid out-of-bounds access. If the sdmav40irqidtoseq function returns -EINVAL, the process should be stopped to prevent out-of-bounds reading; therefore, -EINVAL should be returned directly...

7.1CVSS6.2AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.32 views

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2132)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

7.8CVSS7AI score0.0071EPSS
Exploits7References506
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.18 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

7.8CVSS8.2AI score0.0071EPSS
Exploits7References506
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45983

In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops e.g. SETATTR can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cachecheck wil...

5.5CVSS0.00123EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.20 views

TP-Link多款产品 安全漏洞

TP-Link Archer RE650, among others, are products of the Chinese company TP-Link. The TP-Link Archer RE650 is a dual-band Gigabit wireless signal extender. The TP-Link Archer RE305 is also a dual-band Gigabit wireless signal extender. The TP-Link Archer RE360 is a wireless repeater that supports...

8.8CVSS5.8AI score0.00398EPSS
Exploits0References11
NVD
NVD
added 2026/05/15 6:16 a.m.23 views

CVE-2026-28761

Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page while logged-in to the affected product, unexpected operations may be done...

8.5CVSS0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 5:38 a.m.47 views

CVE-2026-28761

Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page while logged-in to the affected product, unexpected operations may be done...

8.5CVSS0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 5:38 a.m.10 views

CVE-2026-28761

Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page while logged-in to the affected product, unexpected operations may be done...

8.5CVSS7.2AI score0.00131EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 5:38 a.m.10 views

CVE-2026-24662

Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded, an arbitrary script may be executed on a user's web browser when viewing the administration page showing the informati...

5.4CVSS6.1AI score0.00134EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/15 4:57 a.m.11 views

Multiple vulnerabilities in "Musetheque V4 Information Disclosure for IPKNOWLEDGE"

Overview Musetheque V4 Information Disclosure for IPKNOWLEDGE provided by Fujitsu Japan Limited contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2026-24662 Cross-site request forgery CWE-352 - CVE-2026-28761 Nozomi Iimura, Sho Odagiri of GMO Cybersecurity by Ierae...

8.5CVSS6.6AI score0.00134EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Fujitsu Musetheque V4 跨站脚本漏洞

Fujitsu Musetheque V4 is a digital archive and collection information management system developed by Fujitsu for museums and cultural institutions. Fujitsu Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier versions contained a cross-site scripting vulnerability. This...

5.4CVSS6.3AI score0.00134EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Fujitsu Musetheque V4 跨站请求伪造漏洞

Fujitsu Musetheque V4 is a digital archive and collection information management system developed by Fujitsu for museums and cultural institutions. Versions of Fujitsu Musetheque V4 prior to rev2203.0 contained a cross-site request forgeing vulnerability. This vulnerability arises from cross-site...

8.5CVSS7.3AI score0.00131EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2026/05/06 12:1 p.m.18 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

9.8CVSS6.2AI score0.96267EPSS
Exploits228
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014302 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, on...

7.1CVSS7AI score0.00252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007035 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and resu...

7.8CVSS5.6AI score0.0013EPSS
Exploits0References4
OSV
OSV
added 2026/04/07 2:58 p.m.6 views

GO-2026-4909 Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git

Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git...

2.8CVSS5.7AI score0.00153EPSS
Exploits0References1
Rows per page
Query Builder