Lucene search
K

2594 matches found

CVE
CVE
added 2026/05/06 11:27 a.m.30 views

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

9.8CVSS6.1AI score0.00426EPSS
Exploits0References14Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37465

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Distributed Lock Manager DLM where the len parameter in the dlm dump rsb name function is not validated. Because this parameter is derived from network messages,...

9.8CVSS6AI score0.00426EPSS
Exploits0References149
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN,...

9.8CVSS6.1AI score0.00426EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/05 8:5 p.m.8 views

Directory Traversal

Overview github.com/minio/minio/cmd is an open source object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Directory Traversal via the ReadMultiple process. An attacker can access files outside the intended directory by sending a specially...

6.9CVSS6.3AI score0.08457EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/01 11:26 a.m.8 views

com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2026-42779 via org.apache.mina:mina-core (>=2.1.0 <=2.1.11)

org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2026-42779 Source advisory: SNYK:JAVA-ORGAPACHEMINA-16354036...

9.8CVSS5.8AI score0.00902EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.4 views

Wireshark 2.0.x < 2.0.8 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.8. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.8 advisory. - In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion,...

5.9CVSS6AI score0.01717EPSS
Exploits0References13
CVE
CVE
added 2026/04/30 5:40 a.m.18 views

CVE-2026-5408

CVE-2026-5408 describes an uncontrolled recursion causing a crash in Wireshark’s BT-DHT protocol dissector. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, with impact listed as denial of service. The connected documents provide the vulnerability name, affected versions, and the exp...

5.5CVSS5.2AI score0.00143EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.00143EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36100

CVE-2026-31431 is another reminder that one unpatched vulnerability can turn a small foothold into full system compromise. For businesses running remote teams, cloud workloads, or distributed infrastructure, secure access and layered protection matter more than ever. Patch fast. Limit exposure...

7.8CVSS5.7AI score0.96267EPSS
Exploits228References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

XXL-JOB 安全漏洞

XXL-JOB is a distributed task scheduling platform developed by xuxueli. Versions of XXL-JOB 3.3.2 and earlier contain security vulnerabilities. These vulnerabilities stem from improper control of resource identifiers due to the parameter logId in the function logDetailCat of the Execution Log...

6.3CVSS5.8AI score0.00418EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/27 12:30 p.m.9 views

com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2026-41409 via org.apache.mina:mina-core (>=2.1.0 <=2.1.10)

org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2026-41409 Source advisory: OSV:GHSA-F2WH-GRMH-R6JM...

9.8CVSS5.8AI score0.00451EPSS
Exploits0
Snyk
Snyk
added 2026/04/25 11:34 p.m.6 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following via the WebDAV backend process. An attacker can access and modify files outside the intended directory by exploiting symbolic links that point outside the designated root. This is only exploitable if...

9.1CVSS5.8AI score0.0033EPSS
Exploits0References3
HackRead
HackRead
added 2026/04/22 12:33 p.m.12 views

Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/21 12:0 a.m.5 views

I2P 2.12.0

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

oxia 竞争条件问题漏洞

Oxia is a distributed metadata storage and coordination system developed by Oxia. Versions of Oxia prior to 0.16.2 had a race condition vulnerability. This vulnerability stemmed from a race between session heartbeat processing and session termination, which could lead to server crashes due to...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/21 12:0 a.m.4 views

CVE-2026-29644

XiangShan open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 has improper gating of its distributed CSR write-enable path, allowing illegal CSR write attempts to alter custom PMA Physical Memory Attribute CSR state. Though the RISC-V privilege...

5.3CVSS6AI score0.00102EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/04/18 6:1 a.m.8 views

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors are exploiting security flaws in TBK DVR and end‑of‑life EoL TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to explo...

8.8CVSS7.7AI score0.99999EPSS
Exploits13
CVE
CVE
added 2026/04/17 10:45 a.m.8 views

CVE-2026-5131

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, with ACLs configured incorrectly. This can allow an attacker to communicate with the stream and upload XML or JSON files, which are processed by the named pipe under the service user’s privileges,...

6.9CVSS5.7AI score0.00426EPSS
Exploits0References2
Akamai Blog
Akamai Blog
added 2026/04/10 11:0 a.m.8 views

Why Managed Agents Needs Distributed Infrastructure

...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:37 p.m.3 views

CVE-2026-33785

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, ca...

8.8CVSS6AI score0.00138EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder