Lucene search
K

2310 matches found

Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52290

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab out-of-bounds write exists in the kl5kusb105 USB serial driver. The function klsi 105 prepare write buffer incorrectly handles the bulk-out buffer by storing a two-byte length...

7.8CVSS6.1AI score0.00148EPSS
Exploits0References25
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38833

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

The CVE-2026-52965 entry pertains to the Linux kernel DRM/TTM path and fixes an infinite LRU walk during swapout. Specifically, when ttm_tt_swapout() fails, the code previously added the resource to bulk_move and then moved it to the LRU tail, which could place it ahead of the hitch and cause lis...

5.8AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:28 p.m.10 views

CVE-2026-52949

The CVE-2026-52949 entry affects the Linux kernel DRM/TTM subsystem, specifically the ttm_bo_shrink() path. It describes an infinite LRU walk on backup failure that is fixed by applying the same remedy used for ttm_bo_swapout() (prevents the infinite LRU walk on swapout failure). The patch also c...

5.8AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: esdusb: esdusbreadbulkcallback: fixed the URB memory leak. The memory leak was fixed in a similar manner to the issue in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed the URB memory leak”. In esdusbopen, t...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 7:16 a.m.9 views

CVE-2026-11997

The Bulk SEO Image plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1. This is due to missing or incorrect nonce validation on the plugin's settings page handler BulkSeoImage, which dispatches to launchbulk / BulkSeoImageGo whenever the request...

4.3CVSS0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 5:33 a.m.9 views

EUVD-2026-38688

The Bulk SEO Image plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1. This is due to missing or incorrect nonce validation on the plugin's settings page handler BulkSeoImage, which dispatches to launchbulk / BulkSeoImageGo whenever the request...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:33 a.m.13 views

CVE-2026-11997

CVE-2026-11997 affects the WordPress plugin Bulk SEO Image

4.3CVSS5.8AI score0.00128EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.34 views

CVE-2026-11997 Bulk SEO Image <= 1.1 - Cross-Site Request Forgery to Settings Update

The Bulk SEO Image plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.1. This is due to missing or incorrect nonce validation on the plugin's settings page handler BulkSeoImage, which dispatches to launchbulk / BulkSeoImageGo whenever the request...

4.3CVSS0.00128EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51859

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a failure in ttm tt swapout can lead to an infinite loop during the LRU Least Recently Used list walk. This occurs because ttm resource mov...

6AI score0.00167EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51843

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a backup failure can lead to an infinite LRU Least Recently Used walk within the ttm bo shrink function. This occurs because the del bulk...

5.9AI score0.00162EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51670

Name of the Vulnerable Software and Affected Versions Bulk SEO Image versions prior to 1.2 Description The Bulk SEO Image plugin for WordPress is subject to Cross-Site Request Forgery. This occurs because the settings page handler BulkSeoImage lacks proper nonce validation—a security token used t...

4.3CVSS5.6AI score0.00128EPSS
Exploits0References10
NVD
NVD
added 2026/06/23 9:17 p.m.13 views

CVE-2026-56120

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...

Exploits0
NVD
NVD
added 2026/06/23 9:17 p.m.8 views

CVE-2026-47384

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific...

5.3CVSS0.00306EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/23 8:54 p.m.7 views

EUVD-2026-38594

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...

8.6CVSS5.7AI score0.00258EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:15 p.m.6 views

CVE-2026-47384

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific...

5.3CVSS5.9AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 8:15 p.m.23 views

CVE-2026-47384

CVE-2026-47384 – NocoDB SQL Injection via Column Title in Bulk GroupBy : An authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column title to a SQL fragment. The vulnerable code path builds three database-specific knex.raw() aggregations t...

5.3CVSS5.9AI score0.00306EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:15 p.m.29 views

CVE-2026-47384 NocoDB: SQL Injection via Column Title in Bulk GroupBy

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create permission can inject SQL into the bulk groupBy endpoint by setting a column's title to a SQL fragment. The bulk groupBy path in group-by.ts builds three database-specific...

5.3CVSS0.00306EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/23 4:41 p.m.5 views

WordPress Bulk SEO Image plugin <= 1.1 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by nishida azuka in WordPress Plugin Bulk SEO Image versions = 1.1...

4.3CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder