Lucene search
K

37490 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday2 views

Malicious code in @sectest429/hello-npm-world (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 479b9303d76a49dfacb402f0a906e32686b5d276e23f429678150e73e506550d The package advertises a single function module.exports = function helloname but ships a preinstall.js lifecycle script that runs automatically on np...

6.4AI score
Exploits0References1
OSV
OSV
added yesterday2 views

MAL-2026-10478 Malicious code in @sectest429/hello-npm-world (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 479b9303d76a49dfacb402f0a906e32686b5d276e23f429678150e73e506550d The package advertises a single function module.exports = function helloname but ships a preinstall.js lifecycle script that runs automatically on np...

6.4AI score
Exploits0References1
Nuclei
Nuclei
added yesterday16 views

wpDiscuz <= 5.3.5 - SQL Injection

A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. id: CVE-2020-13640 info: name: wpDiscuz = 5.3.5 - SQL Injection author: Sourabh-Sahu severity:...

9.8CVSS7.3AI score0.12706EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday43 views

Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php. id:...

7.5CVSS6.3AI score0.251EPSS
Exploits1References5
Packet Storm
Packet Storm
added yesterday8 views

📄 Google Pixel 10 Codec3P VPU fw_debug_buf Use-After-Free / Privilege Escalation

C proof of concept and vulnerability write-up for CVE-2026-0125 affecting the Google Pixel 10 Codec3P VPU driver. The issue is a race condition involving the fwdebugbuf pointer in the VPU kernel driver. The issue was fixed in the June 2026 Pixel Security Bulletin. Issue description There are...

7CVSS6.1AI score0.00067EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 4 days ago5 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2595)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Input: alps - fix use-after-free bugs caused by dev3registerworkCVE-2025-68822 ext4: reject mount if bigalloc with sfirstdatablock !=...

9.8CVSS6.9AI score0.0138EPSS
Exploits15References167
Oracle linux
Oracle linux
added 4 days ago5 views

Unbreakable Enterprise kernel security update

5.15.0-322.203.3.3 - locking/rtmutex: Skip removewaiter when waiter is not enqueued Davidlohr Bueso Orabug: 39706512 - rtmutex: Use waiter::task instead of current in removewaiter Keenan Dong Orabug: 39706512 CVE-2026-43499 5.15.0-322.203.3.2 - KVM: x86/mmu: Ensure hugepage is in by slot before...

7.8CVSS7AI score0.00125EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 4 days ago5 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2535)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Input: alps - fix use-after-free bugs caused by dev3registerworkCVE-2025-68822 ext4: reject mount if bigalloc with sfirstdatablock !=...

9.8CVSS6.9AI score0.0138EPSS
Exploits15References167
IBM Security Bulletins
IBM Security Bulletins
added 5 days ago4 views

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-1933 DESCRIPTION: A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks,...

9.8CVSS6.9AI score0.12797EPSS
Exploits10Affected Software1
AstraLinux
AstraLinux
added 5 days ago4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fixed a use-after-free in bondxmitbroadcast. bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release operations may mutat...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

SUSE SLED15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:2800-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2800-1 advisory. The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issu...

9.8CVSS6.2AI score0.93235EPSS
Exploits47References328
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago4 views

Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide...

9.8CVSS7.4AI score0.00252EPSS
Exploits1Affected Software2
SUSE Linux
SUSE Linux
added 6 days ago12 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. CVE-2025-71294:...

9.3CVSS6.9AI score0.00469EPSS
Exploits1References450
OSV
OSV
added 6 days ago3 views

SUSE-SU-2026:2800-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. -...

9.8CVSS7AI score0.93235EPSS
Exploits47References223
SUSE Linux
SUSE Linux
added 6 days ago5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex:...

9.3CVSS6.9AI score0.0053EPSS
Exploits1References706
OSV
OSV
added 6 days ago2 views

SUSE-SU-2026:2799-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...

9.8CVSS6.8AI score0.93235EPSS
Exploits47References351
Packet Storm
Packet Storm
added 6 days ago35 views

📄 NTLM Relay to Self Attack Module for Active Directory Privilege Escalation

This is a Metasploit module designed for Windows/Active Directory environments that performs an advanced NTLM relay-to-self attack to escalate privileges on a compromised machine...

6AI score
Exploits0
Oracle linux
Oracle linux
added 2026/07/07 12:0 a.m.4 views

kernel security, bug fix, and enhancement update

5.14.0-687.19.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

9.8CVSS6.5AI score0.00465EPSS
Exploits0
EUVD
EUVD
added 2026/07/06 8:17 p.m.7 views

EUVD-2026-24979

comm: FIFO/pipe inputs are drained before comparison data loss / hang...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 8:17 p.m.3 views

GHSA-3WFC-MGPM-9RQ6 comm: FIFO/pipe inputs are drained before comparison (data loss / hang)

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.9AI score0.00135EPSS
Exploits0References6
Rows per page
Query Builder