Lucene search
K

8397 matches found

Cvelist
Cvelist
added 3 hours ago8 views

CVE-2026-58555

Permission bypass vulnerability in the card module. Impact: Successful exploitation of this vulnerability may affect availability...

6.6CVSS
Exploits0References2
EUVD
EUVD
added 3 hours ago4 views

EUVD-2026-44658

Permission bypass vulnerability in the card module. Impact: Successful exploitation of this vulnerability may affect availability...

6.6CVSS6.1AI score
Exploits0References2
CVE
CVE
added 3 hours ago7 views

CVE-2026-58555

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-58555.

6.6CVSS6.1AI score
Exploits0References2
Nuclei
Nuclei
added 11 hours ago33 views

WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.6.0. This makes it possible for...

9.8CVSS7.6AI score0.03858EPSS
Exploits1References3
NVD
NVD
added 2 days ago4 views

CVE-2026-22098

Various sensitive information such as passwords and charging card UIDs are written to log files...

9.2CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-22098 Sensitive information is written to logs

Various sensitive information such as passwords and charging card UIDs are written to log files...

9.2CVSS0.00332EPSS
Exploits0References1
CVE
CVE
added 2 days ago12 views

CVE-2026-22098

Technical details about CVE-2026-22098 are not publicly available in the provided documents. The issue is described as sensitive information written to log files, but product/versions, impact specifics, and fixes are not specified. Monitor for updates.

9.2CVSS6.1AI score0.00332EPSS
Exploits0References1
OSV
OSV
added 2026/07/07 10:16 p.m.3 views

DEBIAN-CVE-2026-58266

Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and edito...

6.5CVSS6.2AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/07/07 4:3 p.m.6 views

PYSEC-2026-1925 SKOPS Card.get_model happily allows arbitrary code execution

Summary The Card class of skops, used for model documentation and sharing, allows arbitrary code execution. When a file other than .zip is provided to the Card class during instantiation, the internally invoked Card.getmodel method silently falls back to joblib without warning. Unlike the .skops...

8.4CVSS6.6AI score0.00212EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2026/07/01 12:59 p.m.25 views

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both...

8.8CVSS7.2AI score0.99735EPSS
Exploits9
OSV
OSV
added 2026/06/30 9:15 a.m.3 views

SUSE-SU-2026:2697-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...

6.8CVSS6.3AI score0.00296EPSS
Exploits0References10
OSV
OSV
added 2026/06/29 10:57 a.m.5 views

SUSE-SU-2026:2678-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer-overflow write bsc1261220. - CVE-2026-10275: global buffer overflow duri...

6.8CVSS6AI score0.00296EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References19
OSV
OSV
added 2026/06/26 12:25 p.m.2 views

SUSE-SU-2026:2657-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
RedhatCVE
RedhatCVE
added 2026/06/25 6:2 p.m.6 views

CVE-2026-53112

A flaw was found in the Linux kernel's rtlwifi PCI driver. This vulnerability, a use-after-free, occurs when a rtlwifi wireless card is detached or fails to initialize, and a related background task is not properly shut down. This can lead to the system attempting to access memory that has alread...

5.7AI score0.00164EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53152

In the Linux kernel, the following vulnerability has been resolved: mmc: dwmmc-rockchip: Add missing private data for very old controllers The really old controllers rk2928, rk3066, rk3188 do not support UHS speeds at all, and thus never handled phase data. For that reason it never had a parsedt...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:38 a.m.16 views

CVE-2026-53177

CVE-2026-53177 affects bnxt_en in the Linux kernel. A NULL pointer dereference can occur in bnxt_io_error_detected() when PCIe error recovery runs for a NIC that is closed, due to bp->bnapi being freed on NIC close. The fix is to check bp->bnapi for NULL before disabling and synchronizing I...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52273

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs during PCIe error recovery. When a Root Port or Downstream Port detects PCIe errors, recovery services run on all subordinate devices regardless of thei...

5.5CVSS6AI score0.00122EPSS
Exploits0References23
NVD
NVD
added 2026/06/24 10:16 p.m.9 views

CVE-2026-55570

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields name, version, author, description when they are serialized into the data-obj HTML attribute of each marketplace card. Because the attribute is single-quoted and the value is...

9CVSS0.00327EPSS
Exploits0References1
Rows per page
Query Builder