Lucene search
K

1993 matches found

Nuclei
Nuclei
added 3 days ago94 views

Apache APISIX - Remote Code Execution

A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. When the admin key was changed or the port of Admin API was changed to a port different...

9.8CVSS7.3AI score0.96182EPSS
Exploits16References5
Snyk
Snyk
added 4 days ago5 views

Incorrect Authorization

Overview FlaskBB is an A classic Forum Software in Python using Flask. Affected versions of this package are vulnerable to Incorrect Authorization via manipulation of the topicid parameter in batch requests. An attacker can perform unauthorized actions such as locking, unlocking, deleting, or...

8.1CVSS6.1AI score0.00284EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-21370

Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...

5.3CVSS0.0006EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.34 views

CVE-2026-21370 Out-of-bounds Write in Camera Driver

Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...

5.3CVSS0.0006EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.5 views

CVE-2026-21370

Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 8:9 p.m.5 views

EUVD-2026-41928

Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 8:9 p.m.13 views

CVE-2026-21370

CVE-2026-21370 is an out-of-bounds write in the camera driver causing memory corruption when validating input batch size and buffer plane count that exceed maximum allowed values. The issue is described as a memory corruption condition in the Qualcomm camera driver. Exploitation details beyond wh...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.8 views

CVE-2026-21370 Out-of-bounds Write in Camera Driver

Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.13 views

PT-2026-55990

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs during the validation of input batch size and buffer plane count when these values exceed the maximum allowed limits. Recommendations At...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.9 views

CVE-2026-3462

The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'uploadcsv' and 'processbatch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

6.5CVSS5.9AI score0.00276EPSS
Exploits1References6
CVE
CVE
added 2026/06/27 6:50 a.m.18 views

CVE-2026-3462

CVE-2026-3462 affects the Frisbii Pay plugin for WordPress (all versions up to 1.8.9). The vulnerability arises from missing capability checks on upload_csv and process_batch, enabling authenticated attackers with Subscriber-level access or higher to modify data by uploading arbitrary CSVs and ov...

6.5CVSS5.9AI score0.00276EPSS
Exploits1References5
OSV
OSV
added 2026/06/27 12:12 a.m.7 views

GHSA-72R4-9C5J-MJ57 pnpm: `patch-remove` could delete project-selected files outside the patches directory

Summary The patch-remove deletion-scope issue tracked as GHSA-72r4-9c5j-mj57 / CAND-PNPM-030 has been addressed in pnpm. A crafted patch entry could resolve outside the configured patches directory and cause pnpm patch-remove to delete an arbitrary reachable file. This patch validates the...

7.1CVSS5.9AI score0.00257EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52883

Name of the Vulnerable Software and Affected Versions Envoy versions 1.34.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description Envoy crashes when an ext proc server sends a single gRPC message containing...

6.5CVSS5.7AI score0.00444EPSS
Exploits1References3
CVE
CVE
added 2026/06/25 8:38 a.m.7 views

CVE-2026-53162

Summary (CVE-2026-53162) : In the Linux kernel memcg subsystem, a non-NMI-safe path around random-number generation during NMI handling could corrupt the ChaCha batch state, enabling memcg charge draining. The fix replaces the get_random_u32_below() path with a per-CPU round-robin counter stored ...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38828

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

5.8AI score0.00359EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.31 views

CVE-2026-52960 ceph: put folios not suitable for writeback

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

7.5CVSS0.00359EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52960 ceph: put folios not suitable for writeback

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:28 p.m.12 views

CVE-2026-52960

CVE-2026-52960 affects the Linux kernel Ceph component: when removing folios not suitable for writeback, the batch may hold references to folios and fail to release them, causing a resource leak. This could lead to DoS via resource exhaustion. The issue is resolved in the Linux kernel, with tests...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51854

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18 Description An issue exists in the ceph component where folios not suitable for writeback are not properly released. Because the batch maintains references to the folios through filemap get folios and folio...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References4
Spring Security Advisories
Spring Security Advisories
added 2026/06/23 12:0 a.m.62 views

This Week in Spring - June 23rd, 2026

Hi Spring fans! In this installment, we look at the wide and wonderful world of Spring, as usual, and there's a good amount to get to, fresh off the recent Spring Boot 4.1 generation release train, so let's dive right into it! I wrote a blog post looking at Spring Batch, MongoDB, and Spring Boot...

5.8AI score
Exploits0
Rows per page
Query Builder