Lucene search
K

723 matches found

Wolfi
Wolfi
added 6 days ago4 views

GHSA-75QX-877V-F9FF vulnerabilities

Vulnerabilities for packages: chromium...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.9 views

SUSE CVE-2026-53316

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...

5.8AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53316

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 7:41 p.m.4 views

CVE-2026-53316 drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...

5.5CVSS5.8AI score0.001EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 7:41 p.m.16 views

CVE-2026-53316

CVE-2026-53316 : In the Linux kernel, the DRM/AMD ras subsystem suffers a NULL pointer dereference in ras_core_ras_interrupt_detected() when ras_core is NULL and ras_core->dev is accessed in the error path. This has been fixed in kernel code (see commits referenced by the CVE). The vulnerabili...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.18 views

PT-2026-52650

Name of the Vulnerable Software and Affected Versions Revive Adserver version 6.0.7 Description Stored Cross-Site Scripting XSS occurs in the maintenance-acl-check.php and maintenance-banners-check.php tools. The issue arises when entity names are displayed without proper escaping during the...

5.4CVSS5.9AI score0.00199EPSS
Exploits1References8
Snyk
Snyk
added 2026/05/25 7:12 a.m.13 views

Malicious Package

Overview mcp-dashboards-shared is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2026/05/21 12:38 a.m.79 views

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

10CVSS0.18914EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Drop all currently held locks if a deadlock occurs. If vc4hdmiresetlink returns -EDEADLK, it means that a deadlock has occurred in the locking context. This issue should be addressed by dropping all currently held locks...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Check the count value of the channel specification to prevent out-of-bounds reads This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g, which occur when the count value of the...

7.1CVSS6.3AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options “multichannel, maxChannels=2,...

7.8CVSS6.7AI score0.00241EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 2:40 a.m.17 views

Malicious code in ethers-wallet-packages (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beda1480a40189cc8177ace4e3d6fd9773ad81f4cbe5a6c07e3004427846dc8d The package impersonates the legitimate @ethersproject/wallet source files are otherwise verbatim copies, including the internal version string...

5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/15 10:40 a.m.13 views

Malicious Package

Overview apple-coredata-internal-service is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/06 11:28 a.m.2 views

CVE-2026-43197 netconsole: avoid OOB reads, msg is not nul-terminated

In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console subsystem is not guaranteed to be nul-terminated. Before recent commit 7eab73b18630 "netconsole: convert to NBCON console...

9.1CVSS6.6AI score0.00462EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/02 10:0 p.m.28 views

EUVD-2026-26802

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation results in deserialization. The attack can be executed remotely. A hi...

6.3CVSS5.3AI score0.00368EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.9 views

PT-2026-32285

A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/12 7:45 p.m.2 views

CVE-2026-6129 zhayujie chatgpt-on-wechat CowAgent Agent Mode Service missing authentication

A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The...

7.5CVSS5.5AI score0.00391EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/09 12:15 a.m.4 views

CVE-2026-5825

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

5.3CVSS4.5AI score0.00357EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.7 views

PT-2026-29327

Name of the Vulnerable Software and Affected Versions SourceCodester Leave Application System version 1.0 Description A file inclusion issue exists in SourceCodester Leave Application System. Exploitation involves manipulating the page argument, potentially allowing for remote code execution. The...

7.5CVSS7.3AI score0.00292EPSS
Exploits0References9
Wolfi
Wolfi
added 2026/03/25 7:48 p.m.9 views

GHSA-MF92-479X-3373 vulnerabilities

Vulnerabilities for packages: jenkins, apache-nifi-registry, thingsboard, apache-nifi...

6.1AI score
Exploits0
Rows per page
Query Builder