Lucene search
K

321 matches found

Intel
Intel
added 2026/05/12 12:0 a.m.10 views

Intel® NPU Driver Advisory

Summary: Potential security vulnerabilities for some Intel® NPU Drivers may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2026-20754 Description: Improper conditions check in...

6.9CVSS5.7AI score0.00104EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/17 9:39 p.m.4 views

CVE-2026-40474

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permissionrequired = 'config.changegymconfig' but inherits WgerFormMixin instead of WgerPermissionMixin, so the permission is never enforced at runtime. Since GymConfig is an...

7.6CVSS5.8AI score0.00333EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/08 9:32 p.m.4 views

EUVD-2024-47007

The Easy Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eaflresetsettings AJAX action in all versions up to, and including, 3.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.9AI score0.00395EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/01 8:14 p.m.9 views

CVE-2026-34517

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking clientmaxsize. This issue has been patched in version 3.13.4...

6.9CVSS5.8AI score0.00384EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : java-11-openjdk-11.0.22.0.7-2.el8 (AXSA:2024-7445:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7445:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

7.4CVSS8.5AI score0.01026EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.3 views

AlmaLinux 9 : postgresql:16 (ALSA-2026:0493)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0493 advisory. postgresql: CREATE STATISTICS does not check for schema CREATE privilege CVE-2025-12817 postgresql: libpq undersizes allocations, via integer wraparound...

5.9CVSS5.6AI score0.00307EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.7 views

CVE-2023-40649

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

5.5CVSS6.3AI score0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:13 p.m.5 views

CVE-2018-9370

In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS8.9AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:18 a.m.6 views

CVE-2021-0518

In Wi-Fi, there is a possible leak of location-sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-176541...

5.5CVSS6.1AI score0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:18 a.m.11 views

CVE-2021-0374

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

4.4CVSS6.1AI score0.00124EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:14 a.m.10 views

CVE-2021-0555

In RenderStruct of protostreamobjectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

7.5CVSS6.9AI score0.00773EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.21 views

CVE-2025-23097

An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes...

9.1CVSS6.8AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:16 a.m.3 views

CVE-2019-2014

In rwt3thandlegetscpollrsp of rwt3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

9.3CVSS7.2AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.7 views

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

10CVSS7.5AI score0.00606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.11 views

CVE-2020-7460

In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace...

7CVSS6.7AI score0.00721EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:26 a.m.7 views

CVE-2023-4242

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to obtain sensitive information about...

4.3CVSS5.8AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:7 a.m.6 views

CVE-2020-7807

A vulnerability that can hijack a DLL file that is loaded during productsLGPCSuiteSetup, IPSFULLHD, LGULTRAWIDE, ULTRAHDDriver Setup installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in COMPONENT of LG Electronics LGPCSuiteSetup, IPSFULLHD,...

5.6CVSS6.9AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.7 views

CVE-2022-23654

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly check the path acces...

8.1CVSS6.6AI score0.00712EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.11 views

CVE-2022-27209

A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

6.5CVSS6.3AI score0.00887EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.10 views

CVE-2019-16574

A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS6.4AI score0.00852EPSS
Exploits0References1
Rows per page
Query Builder