Lucene search
+L

10345 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in GIMP

GIMP PSP File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.6AI score0.00744EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in GIMP

GIMP JP2 File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page ...

7.8CVSS7.8AI score0.00539EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52121

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description A directory traversal flaw exists in the updateLicense method, where a lack of proper validation of user-supplied paths allows authenticated remote attackers to delete arbitrary files. Th...

6.5CVSS6.2AI score0.01195EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-52124

Name of the Vulnerable Software and Affected Versions ATEN Unizon affected versions not specified Description An issue in the restoreDB function allows authenticated remote attackers to execute arbitrary code in the context of SYSTEM. This occurs due to insufficient validation of a user-supplied...

7.2CVSS7.5AI score0.01477EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/20 12:28 a.m.16 views

kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

A flaw was found in the Linux kernel's Controller Area Network CAN ISO-TP isotp module. This vulnerability, known as a use-after-free, occurs when the system attempts to free a memory region while it is still being used. A local attacker could trigger this condition by sending a signal that...

7.8CVSS7AI score0.00104EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.18 views

Astra Linux – Vulnerability in Linux 5.15

A null pointer dereference issue was detected in the can protocol in the net/can/afcan.c file in Linux before Linux. The mlpriv variable may not be initialized in the receive path of CAN frames. A local user could exploit this flaw to crash the system or potentially cause a denial of service...

5.5CVSS6.7AI score0.002EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/15 2:29 a.m.8 views

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

7.8CVSS6.1AI score0.00226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.7 views

RHEL 10 : kernel (RHSA-2026:25908)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

7.8CVSS5.5AI score0.00353EPSS
Exploits4References8
EUVD
EUVD
added 2026/06/12 8:24 p.m.11 views

EUVD-2026-36557

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user wi...

4.3CVSS5.3AI score0.00189EPSS
Exploits0References1
Amazon
Amazon
added 2026/06/08 12:0 a.m.20 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap CVE-2025-40307 In the...

8.8CVSS5.1AI score0.0049EPSS
Exploits1
NVD
NVD
added 2026/06/06 6:16 p.m.12 views

CVE-2026-11441

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS0.00214EPSS
Exploits0References6
CVE
CVE
added 2026/06/06 5:45 p.m.40 views

CVE-2026-11441

The CVE-2026-11441 affects Theonedev Onedev (up to 15.0.5) specifically the Pull Request Handler’s canAccessIssue function in the /issues/ path. The issue arises from manipulation of the issue argument, causing improper authorization. Exploitation is possible remotely. A fix is available in versi...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/06 5:45 p.m.13 views

EUVD-2026-34976

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

6.5CVSS5.2AI score0.00214EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

9.1CVSS5.5AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.18 views

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

9.8CVSS6.1AI score0.00544EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.17 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS5.7AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.10 views

CVE-2026-8421

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the installpackage method of concrete/controllers/singlepage/dashboard/extend/install.php. An attacker who can cause an authenticated administrator to visit a crafted page, and who has placed or caused a package to be present under...

8.8CVSS5.9AI score0.00171EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.16 views

Fedora 44 : xorg-x11-server-Xwayland (2026-f98eff99c4)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f98eff99c4 advisory. Update to xwayland 24.1.12, security fixes for ZDI-CAN-30136, ZDI-CAN-30159, ZDI-CAN-30160, ZDI-CAN-30161, ZDI-CAN-30163, ZDI-CAN-30164, ZDI-CAN-30165,...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

MBS多款产品 安全漏洞

MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities. These vulnerabilities stem from insufficient validation of user-controlled inputs using the ugw-logstop method, which could...

8.1CVSS5.5AI score0.0037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.19 views

Oracle Linux 8 : kernel (ELSA-2026-21706)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21706 advisory. - smb: client: validate the whole DACL before rewriting it in cifsacl Paulo Alcantara RHEL-172815 CVE-2026-31709 - netfilter: xttcpmss: check remainin...

9.4CVSS6.1AI score0.00591EPSS
Exploits0References19
Rows per page
Query Builder