Lucene search
K

17037 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/25 12:33 a.m.4 views

CVE-2026-57589

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS5.8AI score0.00125EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2026-39156

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS5.8AI score0.00125EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52469

Name of the Vulnerable Software and Affected Versions K2 affected versions not specified Description The frontend article-attachment upload path allows the upload of files with the .php extension. When used with Apache's standard mod php, which matches the .php$ pattern, these files are executed...

6.3CVSS6.1AI score0.00167EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: libertas: don't kill URBs in interrupt context Serialization for the TX path was enforced by calling usbkillurb/usbkillanchoredurbs, to prevent transmissi...

6AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 11:16 p.m.11 views

CVE-2026-39900

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the authprofile.php JavaScript context. This issue has been fixed in version 1.2.31...

6.1CVSS0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 11:14 p.m.28 views

CVE-2026-9781 Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...

8.8CVSS0.00689EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:16 p.m.7 views

CVE-2026-9778

ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS0.01477EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 10:16 p.m.7 views

CVE-2026-9777

ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the restoreDB...

7.2CVSS0.01477EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:37 p.m.11 views

CVE-2026-9778

ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS6.4AI score0.01477EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/24 9:37 p.m.19 views

CVE-2026-9778 ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability

ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7.2CVSS0.01477EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 9:36 p.m.16 views

CVE-2026-9777 ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability

ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the restoreDB...

7.2CVSS0.01477EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 9:36 p.m.23 views

CVE-2026-9776

ATEN Unizon contains a directory traversal flaw in writeFileToHttpServletResponse that allows remote disclosure of sensitive information without authentication. The issue stems from improper validation of a user-supplied path used in file operations, enabling an attacker to access data in the SYS...

7.5CVSS7AI score0.0158EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/24 7:17 p.m.10 views

CVE-2026-49220

Jellyfin is an open source self hosted media server. Prior to 10.11.9, a potential XSS attack exists in Jellyfin which can allow a non-privileged user to execute arbitrary Javascript in the context of a logged-in Administrative user, resulting in numerous potential issues. The Client header durin...

5.7CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:23 p.m.10 views

CVE-2026-49220

CVE-2026-49220 affects Jellyfin up to version 10.11.8, where a vulnerability in the AuthenticateByName flow allows a non-privileged user to inject HTML/JavaScript in the Client header that executes in an Administrative user session when accessing a user’s detail from the dashboard. This is a user...

5.7CVSS6.1AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:43 p.m.3 views

GHSA-PRJ9-97MP-MWH2 OliveTin has Unvalidated `ot_`-prefixed Arguments that Bypass Input Filtering

Description The filterToDefinedArgumentsOnly function in the executor is intended to discard any arguments not explicitly defined in the action's configuration. However, a special case allows any argument whose name starts with ot to bypass this filter. While two system arguments...

4.3CVSS6.1AI score
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.4 views

CVE-2026-53085

In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...

7.8CVSS0.00111EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53057

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

8.8CVSS0.00127EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53055

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...

9.8CVSS0.00435EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38975

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: don't kill URBs in interrupt context Serialization for the TX path was enforced by calling usbkillurb/usbkillanchoredurbs, to prevent transmission before a previous URB was completed. usbtxblock can be called from...

5.7AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38963

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix abuse of kprobewritectx via freplace uprobe programs are allowed to modify struct ptregs. Since the actual program type of uprobe is KPROBE, it can be abused to modify struct ptregs via kprobe+freplace when the kprobe...

5.7AI score0.00166EPSS
Exploits0References3
Rows per page
Query Builder