Lucene search
K

16986 matches found

NVD
NVD
added 2026/05/13 4:16 p.m.20 views

CVE-2026-43478

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 4:16 p.m.6 views

UBUNTU-CVE-2026-43478

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

5.5CVSS5.7AI score0.001EPSS
Exploits0References3
CVE
CVE
added 2026/05/13 3:8 p.m.21 views

CVE-2026-43478

The CVE-2026-43478 issue affects the Linux kernel ASoC codecs rt1011 path. The root cause is using an incorrect helper to obtain the DAPM context in spk_mode_put; the correct function is snd_soc_component_to_dapm() and relying on the kcontrol flow can yield a NULL pointer. Provided connected sour...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:8 p.m.6 views

CVE-2026-43478

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

5.8AI score0.001EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/13 3:8 p.m.44 views

CVE-2026-43478 ASoC: codecs: rt1011: Use component to get the dapm context in spk_mode_put

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rt1011: Use component to get the dapm context in spkmodeput The correct helper to use in rt1011recvspkmodeput to retrieve the DAPM context is sndsoccomponenttodapm, from kcontrol we will receive NULL pointer...

0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 2:22 p.m.31 views

CVE-2020-37225 Powie's WHOIS Domain Check 0.9.31 Persistent Cross-Site Scripting

Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in t...

6.4CVSS0.00243EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/13 2:22 p.m.8 views

CVE-2020-37225 Powie's WHOIS Domain Check 0.9.31 Persistent Cross-Site Scripting

Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by exploiting unsanitized input fields in plugin settings. Attackers can submit malicious payloads through textarea and input elements in t...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References5
CVE
CVE
added 2026/05/13 2:22 p.m.14 views

CVE-2020-37225

Powie’s WHOIS Domain Check 0.9.31 has a persistent cross-site scripting (XSS) vulnerability in pwhois_settings.php, exploitable by authenticated attackers via unsanitized input in plugin settings (textarea/input fields). This can execute JavaScript in the admin context and may enable privilege es...

6.4CVSS5.9AI score0.00243EPSS
Exploits0References5
OSV
OSV
added 2026/05/13 1:16 p.m.3 views

MINI-VFPW-GR34-X4W2

Bulletin has no description...

9.8CVSS5.7AI score0.00515EPSS
Exploits1
OSV
OSV
added 2026/05/13 1:15 p.m.3 views

MINI-72J3-25VP-HPG4

Bulletin has no description...

7.5CVSS5.7AI score0.00667EPSS
Exploits1
Wiz blog
Wiz blog
added 2026/05/13 1:0 p.m.10 views

Beyond Findings: Connecting Exploitable Risk to Cloud Context with Wiz and HackerOne

See proven, exploitable risk in the context of your full cloud environment...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/13 6:0 a.m.10 views

krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...

5.9CVSS5.8AI score0.0046EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.8 views

SUSE CVE-2026-43388

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43394

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.8 views

SUSE CVE-2026-43423

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.2AI score0.00091EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.12 views

PT-2026-40685

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ASoC codecs rt1011 where the rt1011 recv spk mode put function incorrectly attempts to retrieve the DAPM Dynamic Audio Power Management context. Using kcontrol in...

5.5CVSS5.8AI score0.001EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.23 views

PT-2026-40730

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 0.0.0-20260421031503-96dfe0bea474 Description A stored cross-site scripting XSS issue exists in the Bazaar marketplace. The application fails to sanitize the name and version fields in package metadata files such as...

9CVSS6AI score0.00361EPSS
Exploits0References9
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.25 views

Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study

Automated detection of vulnerability-fixing commits VFCs is critical for timely security patch deployment, as advisory databases lag patch releases by a median of 25 days and many fixes never receive advisories. We present a comprehensive evaluation of code language model based VFC detection...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.17 views

Context-Aware Web Attack Detection in Open-Source SIEM Systems Via MITRE ATT&CK-Enriched Behavioral Profiling

Security Information and Event Management SIEM systems aggregate log data from heterogeneous sources to detect coordinated attacks. Traditional rule-based correlation engines struggle to classify multi-step web application attacks because they examine each event without reference to the behaviour...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40592

Impact Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypted props p value as...

6.3CVSS5.8AI score0.00144EPSS
Exploits0References5
Rows per page
Query Builder