Lucene search
K

104733 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 9:52 p.m.8 views

CVE-2026-45991

A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...

7.8CVSS6AI score0.00013EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 9:18 p.m.8 views

CVE-2026-46004

A flaw was found in the Linux kernel, specifically within the ALSA caiaq driver. This vulnerability arises from improper error handling during the setupcard probe procedure. When an error occurs, the system may attempt to use memory that has already been freed, leading to a Use-After-Free UAF...

7CVSS6AI score0.00032EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 9:5 p.m.29 views

CVE-2026-45152 uniget: Command Injection in tool.Check Leading to Arbitrary Code Execution

uniget is a universal installer and updater for container tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON metadata without...

7.8CVSS0.00038EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:5 p.m.8 views

EUVD-2026-32670

uniget is a universal installer and updater for container tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON metadata without...

7.8CVSS6.4AI score0.00038EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:5 p.m.6 views

CVE-2026-45152

uniget is a universal installer and updater for container tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON metadata without...

7.8CVSS6.4AI score0.00038EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 9:5 p.m.5 views

CVE-2026-45152 uniget: Command Injection in tool.Check Leading to Arbitrary Code Execution

uniget is a universal installer and updater for container tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON metadata without...

7.8CVSS6.3AI score0.00038EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 9:5 p.m.12 views

CVE-2026-45152

CVE-2026-45152 affects uniget prior to 0.27.1, where a command injection is possible via the check field loaded from untrusted JSON metadata. The implementation runs /bin/bash -c on tool.Check, allowing an attacker-controlled value to execute arbitrary shell commands during common operations (des...

7.8CVSS6.4AI score0.00038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/27 9:3 p.m.8 views

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

7.8CVSS6AI score0.00013EPSS
Exploits0References4
Debian
Debian
added 2026/05/27 9:3 p.m.14 views

[SECURITY] [DSA 6304-1] unbound security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6304-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 27, 2026 https://www.debian.org/security/faq -...

10CVSS5.9AI score0.00322EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/27 8:20 p.m.9 views

CVE-2026-44709

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRYFALLBACKAPP environment variable and executes it directly without any validation. Any process that can set environment variables before pamusb-pinentry is invoked ca...

7.8CVSS6AI score0.00023EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/05/27 6:16 p.m.7 views

CVE-2025-69600

Command injection in Raynet rvia RayVentory Scan Engine 12.6 Update 8 and previous versions allows adversaries to execute commands via getconfig, upload, inventory, and oracle options...

7.8CVSS0.00074EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/05/27 4:58 p.m.12 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.9AI score0.00045EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:18 p.m.13 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.9AI score0.00046EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:12 p.m.10 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.9AI score0.00045EPSS
Exploits0References6
Talos Blog
Talos Blog
added 2026/05/27 2:0 p.m.9 views

MediaArea heap-based buffer overflow vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed four vulnerabilities in MediaArea MediaInfoLib library. The vulnerabilities mentioned in this blog post have been patched by their respective vendor, in adherence to Cisco 's third-party vulnerability disclosure policy. For...

7.8CVSS6.3AI score0.00021EPSS
Exploits1
OSV
OSV
added 2026/05/27 1:2 p.m.4 views

USN-8321-1 papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/27 1:2 p.m.9 views

USN-8321-1: Papers vulnerability

It was discovered that Papers incorrectly handled PDF /GoToR actions. If a user were tricked into opening a specially crafted PDF file, an attacker could use this issue to manipulate command lines and possibly execute arbitrary code...

8.4CVSS5.8AI score
Exploits0
OSV
OSV
added 2026/05/27 12:23 p.m.2 views

USN-8318-1 libcaca vulnerability

It was discovered that libcaca incorrectly handled certain malformed files. An attacker could use this issue to cause libcaca to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6AI score0.00086EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/27 12:23 p.m.8 views

USN-8318-1: libcaca vulnerability

It was discovered that libcaca incorrectly handled certain malformed files. An attacker could use this issue to cause libcaca to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6AI score0.00086EPSS
Exploits0
OSV
OSV
added 2026/05/27 9:35 a.m.4 views

USN-8316-1 cableswig vulnerabilities

It was discovered that Expat, vendored in CableSwig, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

9.8CVSS7.1AI score0.11027EPSS
Exploits0References3
Rows per page
Query Builder