Lucene search
K

277 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mt6359 – Fixed a refcount leak bug. In functions mt6359parsedt and mt6359accdetparsedt, we should call ofnodeput for the reference returned by ofgetchildbyname, which has caused an increase in the refcount...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: A memory leak has been fixed in hi846parsedt. If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources do not get released before returning, resulting in a memory leak...

5.5CVSS5.3AI score0.00184EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.14 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS5.7AI score0.00281EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fixed a memory leak in pinconfgenericParseDTConfig In pinconfgenericParseDTConfig, if parseDTCfg fails, it returns directly. This bypasses the cleanup logic, resulting in a memory leak of the cfg buffer...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: The issue in fdt: fix off-by-one error in unflattendtnodes Commit 78c44d910d3e “drivers/of: Fix depth when unflattening devicetree” forgot to fix the depth check within the loop body of unflattendtnodes. This could lead to an...

7.8CVSS6.2AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183 – Added back the SSPM-related clocks. This change reverts to the commit number 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, the SSPM-related clocks were removed due to a claim that they were not...

7.8CVSS6.4AI score0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 7:16 a.m.44 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS0.00281EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/15 6:45 a.m.7 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS6AI score0.00281EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.15 views

PT-2026-41269

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dt default button' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes i...

6.4CVSS6AI score0.00281EPSS
Exploits0References9
OSV
OSV
added 2026/05/05 7:0 p.m.8 views

MAL-2026-3351 Malicious code in @rivianlabs/dt-shop-bag-v0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c4117faebfc77cf01d1cf1bb6e5c6c2e9dda679d8f976eb5308a585016f3f5f The package @rivianlabs/dt-shop-bag-v0 was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/05 6:50 p.m.8 views

Malicious code in @rivianlabs/dt-lib-lumberjack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cf3a31f76f8c2e22a2792aee30736347d17fe5872cb69c7edaecc7728aa6190 The package @rivianlabs/dt-lib-lumberjack was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23314

In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xxregdtparsegpio In bq257xxregdtparsegpio, if fails to get subchild, it returns without calling ofnodeputchild, causing the device node reference leak...

5.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.22 views

CVE-2026-23337 pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconfgenericparsedtconfig In pinconfgenericparsedtconfig, if parsedtcfg fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fi...

0.00117EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23337

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconfgenericparsedtconfig In pinconfgenericparsedtconfig, if parsedtcfg fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fi...

5.5CVSS5.3AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23337 pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconfgenericparsedtconfig In pinconfgenericparsedtconfig, if parsedtcfg fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fi...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/10 2:12 a.m.5 views

CVE-2026-3765

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /attsingleview.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

9.8CVSS7AI score0.00323EPSS
Exploits1References1
OSV
OSV
added 2026/03/08 8:15 p.m.5 views

CVE-2026-3765

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /attsingleview.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

9.8CVSS5.8AI score0.00323EPSS
Exploits1References5
NVD
NVD
added 2026/03/08 8:15 p.m.7 views

CVE-2026-3765

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /attsingleview.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

9.8CVSS0.00323EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/08 8:2 p.m.4 views

CVE-2026-3765 itsourcecode University Management System att_single_view.php sql injection

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the file /attsingleview.php. Such manipulation of the argument dt leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

7.5CVSS5.8AI score0.00323EPSS
Exploits1References5
CVE
CVE
added 2026/03/08 8:2 p.m.15 views

CVE-2026-3765

A vulnerability is identified in itsourcecode University Management System 1.0 affecting the file /att_single_view.php. The issue stems from manipulation of the dt argument, enabling SQL injection. Exploitation can be performed remotely, and public exploits exist. Multiple connected sources (NVD,...

9.8CVSS7AI score0.00323EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder