Lucene search
K

29 matches found

CVE
CVE
added 6 days ago52 views

CVE-2026-14480

CVE-2026-14480 affects OpenPLC Runtime v3. An authenticated user can write arbitrary files via the legacy web UI program-upload workflow by storing a attacker-controlled filename (prog_file) that is later used as the destination path. Python os.path.join() honors absolute paths, enabling writes a...

9.9CVSS6.2AI score0.00616EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 3:47 p.m.99 views

CVE-2026-0828

CVE-2026-0828 affects Safetica’s endpoint client x64, specifically the kernel driver ProcessMonitorDriver.sys (versions 10.5.75.0 and 11.11.4.0). The vulnerability stems from an IOCTL path that lacks proper caller privilege validation, allowing an unprivileged user with a handle to the device to ...

7.5CVSS6.1AI score0.00461EPSS
Exploits2References2
NVD
NVD
added 2026/06/25 9:16 a.m.10 views

CVE-2026-53253

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

7.1CVSS0.00274EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

7.1CVSS5.8AI score0.00274EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.12 views

CVE-2025-52532

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgvcmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the...

2CVSS5.7AI score0.00072EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:59 a.m.16 views

CVE-2025-52532

A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgvcmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within the...

2CVSS5.9AI score0.00072EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.11 views

VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection

Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics required for accurate detection. Recent Large Language...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/05/01 2:15 p.m.10 views

EUVD-2026-26594

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.8AI score0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007268 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...

5.5CVSS6AI score0.0024EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 12:23 p.m.5 views

CVE-2023-54300 wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

6.4AI score0.00195EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-2485

Malware in sbrugna...

9.8CVSS9.4AI score0.01725EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-8488

Malicious code in bioql PyPI...

7.2AI score0.002EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/22 9:46 p.m.10 views

CVE-2022-45918

ILIAS before 7.16 allows External Control of File Name or Path...

6.5CVSS6.9AI score0.01178EPSS
Exploits3References1
OSV
OSV
added 2025/03/27 3:15 p.m.8 views

UBUNTU-CVE-2025-21875

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...

5.5CVSS6.5AI score0.002EPSS
Exploits0References41
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.3 views

WeGIA SQL注入漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA version 3.2.0 that stems from vulnerability to SQL injection attacks via the nextPage parameter in /controle/control.php...

9.8CVSS7.8AI score0.00541EPSS
Exploits1References3
OSV
OSV
added 2024/11/19 5:19 p.m.15 views

CVE-2024-50304 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()

In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind is only called from the control path where the mutex is taken. Add a lockdep...

5.5CVSS6AI score0.00239EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.7 views

PT-2024-34129

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc3-custom-gd95d9a31aceb Description: The issue is related to a suspicious RCU usage warning in the ip tunnel find function. The per-netns IP tunnel hash table is protected by the RTNL mutex, and ip tunne...

5.5CVSS6.7AI score0.00239EPSS
Exploits0
OSV
OSV
added 2024/07/29 3:15 p.m.8 views

AZL-68343 CVE-2024-41082 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.9 views

UBUNTU-CVE-2024-41082

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

5.5CVSS6.5AI score0.00226EPSS
Exploits0References15
OSV
OSV
added 2024/06/14 11:8 a.m.9 views

OESA-2024-1706 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler Function mlx5erepneighupdate wasn't updated to accommodate rtnl lock removal from TC filter...

8.8CVSS6.3AI score0.01305EPSS
Exploits1References62
Rows per page
Query Builder