8954 matches found

RedhatCVE
added 2026/05/28 2:43 a.m. | 15 views

CVE-2026-45899

A flaw was found in the Linux kernel, specifically within the ext4 filesystem's extent cache management. When an operation to split an extent fails, the system may not properly clear all related entries, leading to stale extent entries remaining in the extent status tree. This can result in data...

7 CVSS | 5.8 AI score | 0.0016 EPSS
Exploits 0 | References 4

RedhatCVE
added 2026/05/28 2:25 a.m. | 14 views

CVE-2026-45903

A flaw was found in the Linux kernel's Berkeley Packet Filter (BPF) verifier. This vulnerability occurs because several BPF helper functions lack proper memory access flags, such as MEM_RDONLY or MEM_WRITE. Consequently, the verifier may incorrectly assume that buffer contents remain unchanged across...

7.1 CVSS | 5.9 AI score | 0.00157 EPSS
Exploits 0 | References 4

RedhatCVE
added 2026/05/28 1:53 a.m. | 14 views

CVE-2026-45912

A flaw was found in the Linux kernel's ext4 filesystem. During certain file operations, specifically when splitting data extents, an issue with caching can lead to incorrect tracking of disk space. This can result in errors in space accounting, potentially impacting data integrity and the overall...

7 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits 0 | References 4

RedhatCVE
added 2026/05/28 12:19 a.m. | 16 views

CVE-2026-45942

A flaw was found in the Linux kernel's ext4 filesystem. A race condition exists between page migration and bitmap modification within the loadbuddy function. This can lead to bitmap inconsistencies and false positive corruption reports during certain workloads. This issue can affect data integrit...

7.8 CVSS | 5.8 AI score | 0.00099 EPSS
Exploits 0 | References 4

Redos
added 2026/05/28 12:00 a.m. | 15 views

ROS-20260528-73-0001

The vulnerability of the get_dumpable function in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8 CVSS | 5.8 AI score | 0.0138 EPSS
Exploits 6

RedhatCVE
added 2026/05/27 5:27 p.m. | 13 views

CVE-2026-46091

A flaw was found in the igorplugusb component of the Linux kernel. The USB request structure, when handled by Direct Memory Access (DMA) on certain host controllers, did not properly follow DMA coherency rules. This oversight could lead to data integrity issues or unexpected system behavior, as the...

5.5 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits 0 | References 4

RedhatCVE
added 2026/05/27 5:00 p.m. | 27 views

CVE-2026-46095

A flaw was found in the Linux kernel's RAID (Redundant Array of Independent Disks) driver component. A race condition can occur when the system attempts to write or discard data, as a necessary synchronization barrier is not properly established before critical state changes. This oversight could...

5.5 CVSS | 5.8 AI score | 0.00121 EPSS
Exploits 0 | References 4

NVD
added 2026/05/27 2:17 p.m. | 14 views

CVE-2026-45985

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioread_nolock enabled, EXT4_GET_BLOCKS_PRE_IO was set to split an existing large unwritten...

5.5 CVSS | 0.00123 EPSS
Exploits 0 | References 7

CVE
added 2026/05/27 12:57 p.m. | 20 views

CVE-2026-46045

Technical details for CVE-2026-46045 are not provided in the connected documents. Affected products/versions and patch information are not specified. Monitor vendor advisories and CVE sources for updates.

7.8 CVSS | 5.8 AI score | 0.00127 EPSS
Exploits 0 | References 3 | Affected Software 1

RedhatCVE
added 2026/05/27 8:52 a.m. | 10 views

CVE-2026-28374

A flaw was found in Grafana. An authenticated editor user could exploit this vulnerability to delete any annotation, even those for which they lack read permissions. This unauthorized action compromises the integrity of data by allowing deletion of information beyond their intended access scope...

4.3 CVSS | 5.7 AI score | 0.00198 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2026/05/27 7:53 a.m. | 12 views

CVE-2026-40829

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

7 CVSS | 6 AI score | 0.00295 EPSS
Exploits 0 | References 2 | Affected Software 4

CVE
added 2026/05/27 7:53 a.m. | 15 views

CVE-2026-40828

CVE-2026-40828 describes an unauthenticated SQL injection in the DeleteSysLogEntry function, enabling a high-privilege remote attacker to read the entire database and delete entries in a non-critical table. Affected impact includes total confidentiality loss and some integrity loss. CVSS metrics ...

7 CVSS | 6 AI score | 0.00295 EPSS
Exploits 0 | References 1

Cvelist
added 2026/05/27 7:52 a.m. | 31 views

CVE-2026-40825 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7 CVSS | 0.00239 EPSS
Exploits 0 | References 1

Vulnrichment
added 2026/05/27 7:50 a.m. | 9 views

CVE-2026-40824 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7 CVSS | 6 AI score | 0.00239 EPSS
Exploits 0 | References 1

Vulnrichment
added 2026/05/27 7:18 a.m. | 13 views

CVE-2025-41669 Insufficient Verification of Data Authenticity

The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...

8.8 CVSS | 6.4 AI score | 0.00218 EPSS
Exploits 0 | References 1

CVE
added 2026/05/27 7:18 a.m. | 19 views

CVE-2025-41669

The CVE-2025-41669 entry concerns the PLCnext platform’s Web-based Management. A remote, low-privileged Engineer can install additional APPs downloaded from the PLCnext Store without data verification, enabling arbitrary code execution with root privileges on the PLCnext Control. This could impac...

8.8 CVSS | 6.4 AI score | 0.00218 EPSS
Exploits 0 | References 1

Positive Technologies
added 2026/05/27 12:00 a.m. | 17 views

PT-2026-43595

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

7 CVSS | 6 AI score | 0.00295 EPSS
Exploits 0 | References 2

CNNVD
added 2026/05/27 12:00 a.m. | 10 views

MB Connect Line mbCONNECT24 and MB Connect Line mymbCONNECT24 SQL injection vulnerability

MB Connect Line mbCONNECT24 and MB Connect Line mymbCONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an...

7 CVSS | 5.9 AI score | 0.00295 EPSS
Exploits 0 | References 1

Vulnrichment
added 2026/05/26 11:43 a.m. | 14 views

CVE-2026-7310

A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...

4.4 CVSS | 6.2 AI score | 0.00103 EPSS
Exploits 0 | References 1

Redos
added 2026/05/26 12:00 a.m. | 14 views

ROS-20260526-73-0001

A vulnerability in the email interpreter module of the Python programming language is related to improper code generation control. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

5.5 CVSS | 6.9 AI score | 0.00737 EPSS
Exploits 0