Lucene search
K

486 matches found

Nuclei
Nuclei
added yesterday116 views

Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure

GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. User email is visible. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2020-26413 info:...

5.3CVSS6.3AI score0.33772EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking The catcprobe function fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors. This occurs as follows: - usbsndbulkpipeusbdev, 1 and...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 2:16 p.m.16 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:32 p.m.33 views

CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 1:32 p.m.22 views

CVE-2026-48140

NI grpc-device contains an unchecked enum cast vulnerability in BeginSidebandStream affecting version 2.17.0 and earlier. The issue allows triggering invalid enum states and undefined behavior, potentially leading to a denial of service. Exploitation requires sending a specially crafted message w...

7.1CVSS5.8AI score0.00254EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.69 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
OSV
OSV
added 2026/06/08 5:16 p.m.8 views

UBUNTU-CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References11
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 4:50 p.m.8 views

Security Bulletin: IBM SPSS Modeler is affected by Improper Access Control vulnerability in Apache Commons

Summary IBM SPSS Modeler is affected by Improper Access Control vulnerability in Apache Commons. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-48734 DESCRIPTION: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class wa...

8.8CVSS7.1AI score0.01548EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:41 p.m.8 views

CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

5.5AI score0.00122EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/08 3:41 p.m.32 views

CVE-2026-46282

CVE-2026-46282 affects the Linux kernel IIO frequency driver (admv1013). Root cause: if device_property_read_string() fails, str can remain uninitialized and later is dereferenced in strcmp, causing a NULL/garbage pointer dereference. Mitigation in the patch set: replace manual read/strcmp with d...

5.5CVSS5.5AI score0.00122EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the admv1013 driver within the iio: frequency component. When the device property read string function fails, the str variable remains uninitialized...

9.8CVSS5.5AI score0.03663EPSS
Exploits28References338
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:5 a.m.12 views

ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/27 5:27 p.m.11 views

CVE-2026-46088

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA control component. Improper validation of the buffer length before a string length operation in the sndctleleminitenumnames function can lead to a system panic. This vulnerability could allow a local attacker to trigger...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.10 views

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

5.8AI score0.00123EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:58 p.m.16 views

EUVD-2026-32471

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

5.8AI score0.00123EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:58 p.m.33 views

CVE-2026-46088

CVE-2026-46088 affects the Linux kernel (ALSA subsystem). The vulnerability arises in snd_ctl_elem_init_enum_names() where a loop advances through a names buffer using buf_len, and may call fortified strnlen(p, 0) when buf_len reaches zero but items remain. Public documents indicate the fix added...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:58 p.m.10 views

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.46 views

CVE-2026-46088 ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

0.00123EPSS
Exploits0References8
Rows per page
Query Builder