Lucene search
K

178 matches found

Fedora
Fedora
added 2026/07/07 12:51 a.m.8 views

[SECURITY] Fedora 44 Update: perl-Imager-1.032-1.fc44

Imager is a module for creating and altering images. It can read and write various image formats, draw primitive shapes like lines,and polygons, blend multiple images together in various ways, scale, crop, render text and more...

7.5CVSS5.9AI score0.00375EPSS
Exploits0
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53244

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

7.5CVSS5.7AI score0.00359EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53244 VFS: fix possible failure to unlock in nfsd4_create_file()

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

7.5CVSS0.00359EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39195

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

5.7AI score0.00359EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53244

CVE-2026-53244 concerns the Linux kernel NFSD component. When exporting a filesystem with the atomic_create hook, an error from atomic_create() could cause nfsd4_create_file() to fail unlocking the parent directory, risking resource exhaustion and potential DoS. The root cause is that dentry hand...

7.5CVSS5.7AI score0.00359EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52339

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A failure to unlock the parent directory occurs in the nfsd4 create file function. This happens when the NFSD exports a filesystem using atomic create and that function returns an error...

7.5CVSS6.1AI score0.00359EPSS
Exploits0References13
CVE
CVE
added 2026/06/08 2:53 p.m.22 views

CVE-2026-22164

Technical details are not publicly available in the provided documents. Monitor for future updates.

7.5CVSS5.4AI score0.00338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.14 views

CVE-2026-8676

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond...

8.8CVSS5.5AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 7:36 p.m.18 views

EUVD-2026-31969

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond...

8.8CVSS5.8AI score0.00202EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

cPanel 输入验证错误漏洞

cPanel is a web-based automated hosting platform developed by cPanel Inc. This platform is primarily used for automating the management of websites and servers. cPanel has a vulnerability related to input validation errors, which stem from insufficient input validation in the plugin parameter...

8.8CVSS6.2AI score0.0083EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 12:0 a.m.14 views

CVE-2026-38669

CVE-2026-38669 affects wCMS v1.4 and is described as a Cross Site Scripting (XSS) vulnerability when creating a new blog. The connected sources confirm the product/version and the XSS impact, with a CVSS v3.1 base score of 6.1 (Medium) and user interaction required. The documents do not provide r...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/18 12:0 a.m.4 views

CVE-2025-70141

SourceCodester Customer Support System 1.0 contains an incorrect access control vulnerability in ajax.php. The AJAX dispatcher does not enforce authentication or authorization before invoking administrative methods in adminclass.php based on the action parameter. An unauthenticated remote attacke...

9.4CVSS5.6AI score0.00546EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2026/01/10 9:1 a.m.5 views

benet: fix BUG when creating VFs

...

5.5CVSS5.4AI score0.0016EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.6 views

CVE-2022-38844

CSV Injection in Create Contacts in EspoCRM 7.1.8 allows remote authenticated users to run system commands via creating contacts with payloads capable of executing system commands. Admin user exporting contacts in CSV file may end up executing the malicious system commands on his system...

8CVSS7.8AI score0.01138EPSS
Exploits1References1
NVD
NVD
added 2025/12/30 1:16 p.m.6 views

CVE-2023-54241

In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 "MIPS: Remove KVMTE support" we get a NULL pointer dereference when creating a KVM guest: 146.243409 Starting KVM with MIPS VZ extensions 149.849151 CP...

0.00168EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53092

Name of the Vulnerable Software and Affected Versions Kodezen LLC Academy LMS versions through 3.4.0 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Stored Cross-site Scripting XSS condition. This allows an attacker to...

5.4CVSS5.7AI score0.00135EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/22 9:35 p.m.32 views

CVE-2023-53977 myBB Forums 1.8.26 Stored Cross-Site Scripting via Forum Management

myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum management system that allows authenticated administrators to inject malicious scripts when creating new forums. Attackers can exploit this vulnerability by inserting script payloads in the forum title field when...

5.4CVSS0.00194EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/11/11 11:39 a.m.15 views

zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c

It was discovered that zziplib is vulnerable to a directory traversal flaw in most of its unzip binaries, including unzip-mem, unzzipcat-mem, unzzipcat-big, unzzipcat-mix, and unzzipcat-zip. An attacker may use this flaw to write files outside the intended target directory, overwriting existing...

5.8CVSS5.8AI score0.01538EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/29 12:0 a.m.5 views

CVE-2025-56807

A cross-site scripting XSS vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrator to store a JavaScript payload using the file explorer in the admin dashboard when creating new folders...

5.4AI score0.00213EPSS
Exploits2References1
Snyk
Snyk
added 2025/08/19 3:41 p.m.2 views

Cross-site Scripting (XSS)

Overview moonshine/moonshine is a Laravel administration panel Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Link parameter when creating/updating a new Article. Note There appears to be a fix attempt in 3.12.4, which was reverted in 3.12.6. At the time of...

4.8CVSS5.3AI score0.00401EPSS
Exploits2References2
Rows per page
Query Builder