Lucene search
K

716 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.7 views

NewStart CGSL MAIN 6.06 (SP) : pam Multiple Vulnerabilities (NS-SA-2026-0005)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has pam packages installed that are affected by multiple vulnerabilities: - pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the...

7.2CVSS6.1AI score0.04121EPSS
Exploits2References15
ATTACKERKB
ATTACKERKB
added 2026/03/04 2:36 p.m.4 views

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

5.8AI score0.00156EPSS
Exploits0References9Affected Software1
Malwarebytes
Malwarebytes
added 2026/03/04 1:44 p.m.6 views

Does the UK really want to ban VPNs? And can it be done?

The idea of a "Great British Firewall" makes for a catchy headline, but it would be riddled with holes and cause huge problems. The Guardian reports that the GCHQ Government Communications Headquarters, a UK intelligence, security, and cyber agency, is exploring the idea of a British firewall...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.8 views

PT-2026-22921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The f2fs file system in the Linux kernel contains a flaw related to out-of-bounds memory access and incorrect handling of integer values when reading and writing sysfs attributes...

7.1CVSS6AI score0.00156EPSS
Exploits0
Packet Storm
Packet Storm
added 2026/03/02 12:0 a.m.178 views

📄 WordPress Premium Age Verification Restriction 3.0.2 Shell Upload

A critical security vulnerability exists in the WordPress Age Restriction plugin version 3.0.2 and earlier. The vulnerability allows unauthenticated attackers to upload arbitrary PHP files and execute remote code via the remotetunnel.php endpoint. This leads to complete compromise of the WordPres...

9.8CVSS6.3AI score0.0055EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2026/02/24 3:48 p.m.13 views

Reddit, porn sites fined by UK regulators over children’s safety and privacy

The UK’s online safety and privacy regulators are targeting companies that violate new age verification laws at both ends : Porn sites that did not keep children out, and mainstream platforms that profited from children coming in. On February 23, media regulator Ofcom fined porn operators that...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/24 3:22 p.m.6 views

Roblox gives predators “powerful tools” to target children, says LA County

Los Angeles County has sued online gaming company Roblox, adding to a series of suits that accuse the virtual worlds platform of misleading parents into thinking it's safe while leaving children exposed to predators and sexually explicit content. The February 19 filing makes LA County the first...

5.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/20 2:8 p.m.20 views

Age verification vendor Persona left frontend exposed, researchers say

Researchers investigating Discord’s age-verification checks say they discovered an exposed frontend belonging to Persona, the identity-verification vendor used by Discord. It revealed a far more expansive surveillance and financial intelligence stack than a simple “teen safety” tool. A short whil...

5.7AI score
Exploits0
Wolfi
Wolfi
added 2026/02/19 7:48 p.m.5 views

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: aactl, sftpgo, kyverno, mattermost, envoy-gateway, step, seaweedfs, nri-mysql, k3s, caddy, gitsign, flux-kustomize-controller, argo-workflows, trillian, chezmoi, cerbos, minio, jitsucom-bulker, grafana-alloy, kyverno-policy-reporter, temporal, age, dex,...

6.1AI score
Exploits0
Cvelist
Cvelist
added 2026/02/16 9:2 a.m.36 views

CVE-2026-2548 WAYOS FBM-220G rc sub_40F820 command injection

A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub40F820 of the file rc. Executing a manipulation of the argument upnpwaniface/upnpssdpinterval/upnpmaxage can lead to command injection. The attack can be executed remotely. The vendor was contacted early about this...

6.5CVSS0.01586EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/16 9:2 a.m.6 views

CVE-2026-2548

A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub40F820 of the file rc. Executing a manipulation of the argument upnpwaniface/upnpssdpinterval/upnpmaxage can lead to command injection. The attack can be executed remotely. The vendor was contacted early about this...

6.5CVSS5.5AI score0.01586EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.8 views

WAYOS FBM-220G 安全漏洞

WAYOS FBM-220G is a network behavior management router developed by the Chinese company Wayos. Version 24.10.19 of WAYOS FBM-220G contains a security vulnerability. This vulnerability stems from improper handling of parameters upnpwaniface/upnpssdpinterval/upnpmaxage in the sub40F820 function in...

6.5CVSS6.6AI score0.01586EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2026/02/12 12:35 p.m.6 views

Child exploitation, grooming, and social media addiction claims put Meta on trial

Meta is facing two trials over child safety allegations in California and New Mexico. The lawsuits are landmark cases, marking the first time that any such accusations have reached a jury. Although over 40 state attorneys general have filed suits about child safety issues with social media, none...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/10 3:29 p.m.8 views

Discord will limit profiles to teen-appropriate mode until you verify your age

Discord announced it will put all existing and new profiles in teen-appropriate mode by default in early March. The teen-appropriate profile mode will remain in place until users prove they are adults. To change a profile to “full access” will require verification by Discord’s age inference model...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/10 1:50 p.m.7 views

How safe are kids using social media? We did the groundwork

When researchers created an account for a child under 13 on Roblox, they expected heavy guardrails. Instead, they found that the platform’s search features still allowed kids to discover communities linked to fraud and other illicit activity. The discoveries spotlight the question that lawmakers...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 2026/02/02 11:28 p.m.7 views

CVE-2025-61634

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

3.1CVSS5.2AI score0.00273EPSS
Exploits0
Patchstack
Patchstack
added 2026/02/02 2:24 p.m.6 views

WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Age Gate vulnerability discovered by Phuoc Pham p3tl0v3r - VNPT Cyber Immunity in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

6.4CVSS5.3AI score0.00333EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-24857)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24857 advisory. - A race condition was found in the Linux kernel's net/bluetooth device driver in conninfomin,maxageset...

6.8CVSS7.8AI score0.00317EPSS
Exploits0References2
Hacker One
Hacker One
added 2026/01/19 10:12 a.m.14 views

curl: Cookie Max-Age Integer Overflow Vulnerability

Summary: The cookie parsing code in lib/cookie.c contains an integer overflow vulnerability when processing the Max-Age attribute of HTTP cookies. The vulnerable code attempts to add the max-age value to the current timestamp without adequate overflow protection While the code includes an overflo...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.12 views

CVE-2017-18589

An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic...

7.5CVSS6.8AI score0.01485EPSS
Exploits0References1
Rows per page
Query Builder