Lucene search
K

34421 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.4 views

Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8772)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack enabling an attacker to block access to the overlay configuration page in the web interface of the Axis device. Exploitation requires prior authentication...

4.3CVSS5.9AI score0.00418EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54291

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the WebRTC component on Windows allows a remote attacker to leak cross-origin data by using a specially crafted HTML page. WebRTC Web Real-Time Communication is a...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47262)

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Axis has released patched AXIS OS versions for this flaw. Endpoints not...

5.3CVSS6AI score0.00334EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 11:16 p.m.9 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS0.00232EPSS
Exploits1References2
NVD
NVD
added 2026/06/29 9:16 p.m.15 views

CVE-2026-53404

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

7.3CVSS0.00413EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 9:16 p.m.9 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS0.00368EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:41 p.m.3 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

5.7AI score0.00368EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/29 8:41 p.m.29 views

CVE-2026-53434 Apache Tomcat: Invalid CRL configuration doesn't trigger failure for FFM Connector

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

0.00368EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 8:17 p.m.7 views

CVE-2026-43743

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination...

4.7CVSS0.00096EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:42 p.m.6 views

CVE-2026-43743

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination...

4.7CVSS5.7AI score0.00096EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 7:42 p.m.17 views

CVE-2026-43743

CVE-2026-43743 is a race condition addressed by Apple in macOS Tahoe 26.5.2 and iOS/iPadOS 26.5.2. The issue affects the IOGPUFamily entry (Impact: a user-level app may cause an unexpected system termination) and is mitigated by the patched state handling. The CVE references confirm the fix in ma...

4.7CVSS5.7AI score0.00096EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/06/29 5:24 p.m.18 views

CVE-2026-57959

CVE-2026-57959 affects Hi.Events up to version 1.9.0. The vulnerability arises in promo code validation where the reservation path checks the usage count before the asynchronous UpdateEventStatisticsJob increments it, enabling a race condition. Attackers can sequentially reserve multiple orders u...

8.2CVSS5.8AI score0.00193EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:24 p.m.7 views

EUVD-2026-40144

Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStatisticsJob increments it, allowing attackers to redeem limited promo codes unlimited times. Attackers can sequentially reserve multiple orders with the...

8.2CVSS5.8AI score0.00193EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 2:18 p.m.7 views

CVE-2026-53265

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 12:38 p.m.6 views

CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.8 views

PT-2026-53729

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A race condition, which occurs when the timing or sequence of events is not properly controlled, was identified. This issue allows an...

4.7CVSS6AI score0.00096EPSS
Exploits0References6
Apple
Apple
added 2026/06/29 12:0 a.m.9 views

About the security content of iOS 26.5.2 and iPadOS 26.5.2

About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...

9.1CVSS5.8AI score0.00371EPSS
Exploits2References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Us...

7.8CVSS6AI score0.00135EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since fu...

7.8CVSS6AI score0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first...

6AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder