Lucene search
K

434 matches found

SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.6 views

SUSE CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

5.5CVSS5.2AI score0.00424EPSS
Exploits0References20
OSV
OSV
added 2026/01/25 2:36 p.m.5 views

CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

7.5CVSS5.3AI score0.00424EPSS
Exploits0References10
NVD
NVD
added 2026/01/21 7:16 a.m.10 views

CVE-2026-22976

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...

5.5CVSS0.00118EPSS
Exploits0References8
CVE
CVE
added 2026/01/21 6:57 a.m.39 views

CVE-2026-22976

CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...

5.5CVSS5.3AI score0.00118EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003642 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...

5.5CVSS6.7AI score0.02346EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000299)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000299 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...

5.5CVSS6.7AI score0.02346EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/24 3:30 p.m.7 views

EUVD-2023-60338

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: dropping parent refcount after pdfreefn is done Some cgroup policies will access parent pd through child pd even after pdofflinefn is done. If pdfreefn for parent is called before child, then UAF can be triggered. Hen...

6AI score0.00156EPSS
Exploits0References2
NVD
NVD
added 2025/12/06 6:15 a.m.10 views

CVE-2025-12091

The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcissaveemail' endpoint in all versions up to, and including, 3.0.67. This makes it possible for authenticated attackers, with...

4.3CVSS0.00204EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/14 4:6 a.m.6 views

CVE-2025-12892

The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...

5.3CVSS5.3AI score0.002EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 4:15 a.m.12 views

CVE-2025-12892

The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...

5.3CVSS0.002EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/13 3:27 a.m.4 views

CVE-2025-12892 Survey Maker <= 5.1.9.4 - Missing Authorization Unauthenticated Limited Option Update

The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...

5.3CVSS4.9AI score0.002EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 3:27 a.m.5 views

EUVD-2025-150408

The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...

5.3CVSS4.9AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.10 views

PT-2025-46781

Name of the Vulnerable Software and Affected Versions Survey Maker plugin for WordPress versions up to and including 5.1.9.4 Description The software is susceptible to unauthorized data modification. This is due to a missing capability check within the deactivate plugin option function. This allo...

5.3CVSS6.1AI score0.002EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.8 views

WordPress plugin Survey Maker 安全漏洞

WordPress Survey Maker plugin is a tool for creating questionnaires with support for multiple question types and data analysis features for businesses or individuals to collect user feedback. WordPress Survey Maker plugin suffers from a missing capability check vulnerability, which stems from a...

5.3CVSS6.3AI score0.002EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989362 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The conclusion j1939sessiondeactivate...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989711 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The conclusion j1939sessiondeactivate...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.3 views

Siemens SIMATIC Devices Use After Free (CVE-2024-43830)

In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate callback and freed by the deactivat...

7.8CVSS6.2AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/25 5:31 a.m.5 views

EUVD-2025-35906

The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...

2.7CVSS5AI score0.00203EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/25 5:31 a.m.5 views

CVE-2025-11888 ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.4 - Incorrect Authorization to Authenticated (Editor+) License Status Update

The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...

2.7CVSS5.1AI score0.00203EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 3:31 p.m.4 views

EUVD-2023-60028

In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286v4l2register There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks see /sys/kernel/debug/kmemleak unreferenced object...

5.7AI score0.00195EPSS
Exploits0References6
Rows per page
Query Builder