10269 matches found

Positive Technologies
added 2026/01/06 12:0 a.m. | 6 views

PT-2026-1414

Name of the Vulnerable Software and Affected Versions: BuddyPress Xprofile Custom Field Types plugin versions through 1.2.8. Description: The BuddyPress Xprofile Custom Field Types plugin for WordPress has a flaw that allows authenticated attackers with Subscriber-level access or higher to delete...

7.2 CVSS | 7.2 AI score | 0.00615 EPSS
Exploits 0 | References 8
Snyk
added 2026/01/05 6:10 p.m. | 5 views

Template Injection

Overview: craftcms/cms is a content management system. Affected versions of this package are vulnerable to Template Injection via the map filter in Twig templates when processing text fields that accept Twig input in the control panel settings or through the System Messages utility. An attacker ca...

8.8 CVSS | 7.8 AI score | 0.00787 EPSS
Exploits 1 | References 2
CNNVD
added 2026/01/05 12:0 a.m. | 5 views

Code-Projects Online Product Reservation System SQL Injection Vulnerability

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. Code-Projects Online Product Reservation System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the parameters fname/lname/...

9.8 CVSS | 7.8 AI score | 0.00379 EPSS
Exploits 1 | References 6
Amazon
added 2026/01/05 12:0 a.m. | 9 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates (CVE-2025-38678). In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksm_madvise (CVE-2025-40040). In the Lin...

5.5 CVSS | 6.5 AI score | 0.00544 EPSS
Exploits 4
Positive Technologies
added 2026/01/04 12:0 a.m. | 8 views

PT-2026-1191

Name of the Vulnerable Software and Affected Versions: Online Product Reservation System version 1.0. Description: A flaw exists in the POST Parameter Handler component of the software, specifically within the /handgunner-administrator/edit.php file. The prod id, name, price, model, and serial...

7.5 CVSS | 7.5 AI score | 0.00374 EPSS
Exploits 1 | References 13
Positive Technologies
added 2026/01/01 12:0 a.m. | 9 views

PT-2026-27700

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A kernel stack leak exists in the irdma_create_user_ah function within the RDMA/irdma component. The rsvd4 member of the irdma_create_ah_resp structure leaks 4 bytes of stack memory...

5.5 CVSS | 5.9 AI score | 0.00123 EPSS
Exploits 0 | References 210
Positive Technologies
added 2026/01/01 12:0 a.m. | 6 views

PT-2026-27680

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw in the mt76 module related to out-of-bounds access within the mt76_connac2_mac_write_txwi_80211 function. A check for frame length is insufficient,...

7.1 CVSS | 5.9 AI score | 0.00126 EPSS
Exploits 0 | References 22
Positive Technologies
added 2026/01/01 12:0 a.m. | 11 views

PT-2026-27732

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw within the radiotap parser. Specifically, the parser does not properly handle radiotap data containing undefined fields, leading to the potential for an...

5.5 CVSS | 5.9 AI score | 0.00123 EPSS
Exploits 0 | References 201
Positive Technologies
added 2026/01/01 12:0 a.m. | 4 views

PT-2026-27690

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw in the mt76 mt7996 module where a missing check for frame length could lead to an out-of-bounds access within the mt7996_mac_write_txwi_80211 function...

5.9 AI score | 0.00125 EPSS
Exploits 0 | References 10
SUSE CVE
added 2025/12/31 12:30 a.m. | 4 views

SUSE CVE-2022-50884

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field to attempt copying a NULL pointer. There are some struct drm_driver fields that are required by drivers since drm_copy_field attempts to copy them to user-space via DRM_IOCTL_VERSION. But it can be possible th...

5.5 CVSS | 6.4 AI score | 0.00196 EPSS
Exploits 0 | References 10
Patchstack
added 2025/12/31 12:0 a.m. | 6 views

WordPress Calculated Fields Form plugin < 5.2.62 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Calculated Fields Form versions 5.2.62...

4.8 CVSS | 5.9 AI score | 0.00219 EPSS
Exploits 1 | References 1 | Affected Software 1
Tenable Nessus
added 2025/12/31 12:0 a.m. | 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992742 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields. This function triggered a null pointe...

5.5 CVSS | 6.2 AI score | 0.00244 EPSS
Exploits 0 | References 4
EUVD
added 2025/12/30 9:30 p.m. | 4 views

EUVD-2025-205846

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

6.5 AI score | 0.00343 EPSS
Exploits 1 | References 3
UbuntuCve
added 2025/12/30 8:16 p.m. | 1 views

CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

9.8 CVSS | 6.5 AI score | 0.00343 EPSS
Exploits 1 | References 3
OSV
added 2025/12/30 8:16 p.m. | 4 views

CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in Mat_VarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

9.8 CVSS | 7 AI score | 0.00343 EPSS
Exploits 1 | References 2
EUVD
added 2025/12/30 3:30 p.m. | 3 views

EUVD-2025-205777

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

9 CVSS | 6.8 AI score | 0.02862 EPSS
Exploits 1 | References 7
EUVD
added 2025/12/30 3:30 p.m. | 3 views

EUVD-2022-55912

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field to attempt copying a NULL pointer. There are some struct drm_driver fields that are required by drivers since drm_copy_field attempts to copy them to user-space via DRM_IOCTL_VERSION. But it can be possible th...

5.9 AI score | 0.00196 EPSS
Exploits 0 | References 10
NVD
added 2025/12/30 1:16 p.m. | 5 views

CVE-2022-50884

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field to attempt copying a NULL pointer. There are some struct drm_driver fields that are required by drivers since drm_copy_field attempts to copy them to user-space via DRM_IOCTL_VERSION. But it can be possible th...

0.00196 EPSS
Exploits 0 | References 9
OSV
added 2025/12/30 1:16 p.m. | 7 views

UBUNTU-CVE-2022-50884

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field to attempt copying a NULL pointer. There are some struct drm_driver fields that are required by drivers since drm_copy_field attempts to copy them to user-space via DRM_IOCTL_VERSION. But it can be possible th...

5.7 AI score | 0.00196 EPSS
Exploits 0 | References 12
UbuntuCve
added 2025/12/30 1:16 p.m. | 4 views

CVE-2022-50884

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field to attempt copying a NULL pointer. There are some struct drm_driver fields that are required by drivers since drm_copy_field attempts to copy them to user-space via DRM_IOCTL_VERSION. But it can be possible th...

5.8 AI score | 0.00196 EPSS
Exploits 0 | References 11