Lucene search
K

13325 matches found

Cvelist
Cvelist
added 2026/06/11 5:4 a.m.30 views

CVE-2026-40997 SOAP security faults leak Spring Security account state

Several Spring WS integration paths with Spring Security could surface detailed account state for example locked or disabled user semantics to remote SOAP clients through exception messages or callback outcomes, instead of failing with generic authentication errors. That behavior assists remote...

5.3CVSS0.00366EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 5:4 a.m.39 views

CVE-2026-40997

The CVE-2026-40997 issue affects Spring Web Services: versions 5.0.0–5.0.1, 4.1.0–4.1.3, 4.0.0–4.0.18, and 3.1.0–3.1.8. The vulnerability arises when several Spring WS integration paths with Spring Security reveal detailed account state (e.g., locked or disabled user semantics) to remote SOAP cli...

5.3CVSS5.5AI score0.00366EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.24 views

PT-2026-48622

Name of the Vulnerable Software and Affected Versions Spring Web Services versions 5.0.0 through 5.0.1 Spring Web Services versions 4.1.0 through 4.1.3 Spring Web Services versions 4.0.0 through 4.0.18 Spring Web Services versions 3.1.0 through 3.1.8 Description When WS-Addressing is used with...

8.6CVSS5.8AI score0.00383EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/10 5:44 p.m.14 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.6AI score0.00091EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.14 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.5AI score0.00467EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.18 views

InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment

Fault Injection Attacks FIAs are a significant threat to hardware security, capable of compromising systems by inducing malicious faults in computation or storage. Evaluating resilience against such attacks is challenging due to the high cost, complexity, and limited availability of physical faul...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 x86/fpu: Improve crypto performance by making kernel-mode FPU reliably...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

RHEL 7 : kernel (RHSA-2026:25095)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25095 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: raw: fix ro-uniq...

9.8CVSS5.4AI score0.00337EPSS
Exploits0References10
NVD
NVD
added 2026/06/09 7:17 p.m.12 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS0.00467EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-46290

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.38 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

0.00467EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.10 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

5.5AI score0.00467EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-48158

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A segmentation violation occurs in the gf hevc read sps bs internal function within the media tools/av parsers.c file. This issue allows attackers to cause a Denial of Service DoS by providing specially...

7.5CVSS5.2AI score0.00467EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and messaging-related products and applications. Prior to FreeSWITCH version 1.11.1, there were security...

7.5CVSS5.4AI score0.00414EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 12:0 a.m.25 views

CVE-2025-52293

GPAC MP4Box v2.4 contains a DoS vulnerability in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) when processing crafted HEVC SPS data. This results in a segmentation fault and possible denial of service under network conditions with no user interaction. The CVSS vector indic...

7.5CVSS5.5AI score0.00467EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

GPAC MP4Box 资源管理错误漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a resource management...

7.5CVSS5.3AI score0.00467EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/09 12:0 a.m.11 views

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

7.5CVSS5.5AI score0.00467EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.8 views

EulerOS 2.0 SP11 : binutils (EulerOS-SA-2026-2236)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header...

7.5CVSS6.1AI score0.00256EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2026-2235)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below,...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 5:16 p.m.10 views

CVE-2026-46290

In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...

5.5CVSS0.00121EPSS
Exploits0References3
Rows per page
Query Builder