2207 matches found

Nuclei
added yesterday, 23 views

Rukovoditel <= 3.2.1 - Cross Site Scripting

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=helppages/pages&entitiesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...

CVSS 5.4 | AI score 6.1 | EPSS 0.01049
Exploits: 1 | References: 4
Microsoft CVE
added 5 days ago, 5 views

Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend

...

CVSS 7.8 | AI score 5.8 | EPSS 0.00138
Exploits: 0
RedhatCVE
added 6 days ago, 6 views

CVE-2026-53209

A flaw was found in the Bluetooth subsystem of the Linux kernel, specifically within the hci_sync component. This vulnerability occurs when the hci_adv_bcast_annoucement function attempts to prepend Broadcast Announcement service data to an existing advertising payload that is already at its maximum...

CVSS 7.8 | AI score 5.8 | EPSS 0.00138
Exploits: 0 | References: 4
NVD
added 2026/06/25 9:16 a.m., 5 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

CVSS 7.8 | EPSS 0.00138
Exploits: 0 | References: 6
OSV
added 2026/06/25 9:16 a.m., 2 views

UBUNTU-CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

CVSS 7.8 | AI score 5.9 | EPSS 0.00138
Exploits: 0 | References: 9
CVE
added 2026/06/25 8:39 a.m., 14 views

CVE-2026-53209

The CVE-2026-53209 issue affects the Linux kernel Bluetooth subsystem (hci_sync). When hci_adv_bcast_annoucement() tries to prepend the Broadcast Announcement service data to an already-full extended advertising payload, the combined data could exceed the temporary buffer used to rebuild advertis...

CVSS 7.8 | AI score 6 | EPSS 0.00138
Exploits: 0 | References: 6
Cvelist
added 2026/06/25 8:39 a.m., 26 views

CVE-2026-53209 Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

CVSS 7.8 | EPSS 0.00138
Exploits: 0 | References: 6
EUVD
added 2026/06/25 8:39 a.m., 4 views

EUVD-2026-39300

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

AI score 6 | EPSS 0.00138
Exploits: 0 | References: 6
Debian CVE
added 2026/06/25 8:39 a.m., 4 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

CVSS 7.8 | AI score 5.8 | EPSS 0.00138
Exploits: 0
CVE
added 2026/06/23 5:58 p.m., 34 views

CVE-2020-9711

CVE-2020-9711 describes an out-of-bounds read (CWE-125) in Adobe Acrobat/Reader. Affected products include multiple lines of Acrobat/Reader: DC Continuous and Classic channels, across 2015, 2017, 2020 release families (e.g., 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earli...

CVSS 5.5 | AI score 5.7 | EPSS 0.00185
Exploits: 0 | References: 1 | Affected Software: 3
CVE
added 2026/06/17 11:57 a.m., 39 views

CVE-2024-32949

Technical details for CVE-2024-32949 are not provided in the supplied documents. No product/version/root-cause/impact/fix specifics are available here. Monitor for official updates from CVE records or vendor advisories.

CVSS 8.3 | AI score 5.2 | EPSS 0.00293
Exploits: 0 | References: 1
CVE
added 2026/06/11 10:43 a.m., 72 views

CVE-2022-47150

CVE-2022-47150 concerns CSRF in WordPress plugins referencing WooCommerce Conversion Tracking. Affected product: WooCommerce Conversion Tracking plugin for WordPress, versions up to and including 2.0.10. Underlying issue: Cross-Site Request Forgery, enabling unauthenticated or unauthorized action...

CVSS 4.3 | AI score 5.4 | EPSS 0.00113
Exploits: 0 | References: 1
CVE
added 2026/06/10 8:09 p.m., 56 views

CVE-2022-48575

The CVE-2022-48575 issue affects macOS Monterey due to a consistency/state-handling defect that may allow a person with physical access to bypass the Login Window. The Apple security content notes this as fixed in macOS Monterey 12.4. Affected component: Login Window handling; root cause: improve...

CVSS 3.5 | AI score 5.4 | EPSS 0.00153
Exploits: 0 | References: 2 | Affected Software: 1
Circl
added 2026/06/05 5:16 a.m., 8 views

CVE-2026-11312

creationtimestamp | type | source
---|---|---
2026-06-05 05:16:08+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mnjf334mcu2h...

CVSS 4.8 | AI score 5.2 | EPSS 0.00112
Exploits: 0 | References: 1
OPENSUSE Linux
added 2026/04/26 12:00 a.m., 6 views

kyverno-1.17.2-1.1 on GA media (moderate)

kyverno-1.17.2-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10613-1
Rating: moderate
Cross-References: CVE-2026-1229 CVE-2026-24051 CVE-2026-33186 CVE-2026-34986 CVE-2026-4789
CVSS scores:
CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2026-33186 SUSE : 8.6...

CVSS 8.6 | AI score 7.1 | EPSS 0.01557
Exploits: 1
RedhatCVE
added 2026/04/03 7:17 p.m., 10 views

CVE-2026-31394

A flaw was found in the Linux kernel's mac80211 component. This vulnerability occurs when processing stations on AP_VLAN interfaces, such as 4-address Wireless Distribution System (WDS) clients. An attacker could trigger a null pointer dereference during Channel Switch Announcement (CSA) operations,...

CVSS 5.5 | AI score 5.9 | EPSS 0.00114
Exploits: 0 | References: 4
EUVD
added 2026/03/27 3:30 p.m., 8 views

EUVD-2026-16642

Server-Side Request Forgery (SSRF) vulnerability exists in the AnnounContent of the /admin/read.php in OTCMS V7.66 and before. The vulnerability allows remote attackers to craft HTTP requests, without authentication, containing a URL pointing to internal services or any remote server...

CVSS 7.5 | AI score 6 | EPSS 0.00499
Exploits: 1 | References: 2
EUVD
added 2026/03/26 12:30 p.m., 3 views

EUVD-2026-16154

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in mesh_matches_local(). mesh_matches_local() unconditionally dereferences ie->mesh_config to compare mesh configuration parameters. When called from mesh_rx_csa_frame(), the parsed action-frame elements may not...

AI score 5.7 | EPSS 0.00114
Exploits: 0 | References: 7
Cvelist
added 2026/03/26 10:22 a.m., 21 views

CVE-2026-23396 wifi: mac80211: fix NULL deref in mesh_matches_local()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in mesh_matches_local(). mesh_matches_local() unconditionally dereferences ie->mesh_config to compare mesh configuration parameters. When called from mesh_rx_csa_frame(), the parsed action-frame elements may not...

EPSS 0.00114
Exploits: 0 | References: 8
CVE
added 2026/03/20 9:07 a.m., 31 views

CVE-2024-31119

CVE-2024-31119 is a DOM-based XSS vulnerability in the WordPress plugin Special Box for Content by Vasilis Triantafyllou. The issue is described as an improper neutralization of input during web page generation, enabling DOM‑Based XSS. Affected version range is listed as from “n/a through 1” (i.e...

CVSS 5.9 | AI score 7.3 | EPSS 0.00199
Exploits: 0 | References: 1