Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3022 matches found

NVD
NVDadded 2026/03/25 11:16 a.m.4 views

CVE-2026-23285

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

5.5CVSS0.00122EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2026/03/25 11:16 a.m.3 views

CVE-2026-23285

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
OSV
OSVadded 2026/03/25 11:16 a.m.4 views

UBUNTU-CVE-2026-23285

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8
OSV
OSVadded 2026/03/25 11:16 a.m.1 views

UBUNTU-CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/03/25 10:26 a.m.16 views

CVE-2026-23285 drbd: fix null-pointer dereference on local read error

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

0.00122EPSS
Exploits0References5
OSV
OSVadded 2026/03/25 10:26 a.m.5 views

CVE-2026-23285 drbd: fix null-pointer dereference on local read error

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler then unconditionally...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8
Packet Storm News
Packet Storm Newsadded 2026/03/25 12:0 a.m.1 views

FreeBSD Security Advisory - FreeBSD-SA-26:09.pf

FreeBSD Security Advisory - pf silently ignores certain rules. A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is...

5.8AI score0.0025EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/03/25 12:0 a.m.8 views

PT-2026-28163

Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.1 Description LiquidJS is susceptible to a denial of service condition due to insufficient memory limit enforcement within the replace first filter. The filter utilizes JavaScript's String.prototype.replace,...

7.5CVSS5.8AI score0.00471EPSS
Exploits1References5
EUVD
EUVDadded 2026/03/23 9:30 p.m.3 views

EUVD-2026-14527

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

5.1CVSS4AI score0.00189EPSS
Exploits1References5
NVD
NVDadded 2026/03/23 8:16 p.m.2 views

CVE-2026-4596

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

5.4CVSS0.00189EPSS
Exploits1References4
CVE
CVEadded 2026/03/23 7:20 p.m.7 views

CVE-2026-4596

CVE-2026-4596 affects the projectworlds Lawyer Management System 1.0. The vulnerability is a cross-site scripting flaw in processing the argument first_Name in the file /lawyers.php, enabling remote exploitation. Exploit is publicly available per provided sources. No remediation or specific fixes...

5.4CVSS4.1AI score0.00189EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/23 7:20 p.m.2 views

CVE-2026-4596 projectworlds Lawyer Management System lawyers.php cross site scripting

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

5.1CVSS4.1AI score0.00189EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/03/23 7:20 p.m.2 views

CVE-2026-4596

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

5.1CVSS4AI score0.00189EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2026/03/23 12:30 p.m.5 views

GHSA-RHGQ-F8X5-J2JC Keycloak's identity-first login flow exposes user information

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration...

3.7CVSS5.3AI score0.00318EPSS
Exploits1References8
Snyk
Snykadded 2026/03/23 12:30 p.m.2 views

Information Exposure

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Information Exposure in the identity-first login flow when Organizations are enabled. An attacker can obtain...

6.3CVSS5.3AI score0.00318EPSS
Exploits1References2
CVE
CVEadded 2026/03/23 10:53 a.m.13 views

CVE-2026-4633

CVE-2026-4633 affects Keycloak and is triggered in the identity-first login flow when Organizations are enabled. The issue arises from differential error messages that enable an attacker to determine whether a user exists, leading to information disclosure through user enumeration . The documente...

3.7CVSS5.8AI score0.00318EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/23 10:53 a.m.2 views

CVE-2026-4633 Keycloak: keycloak: user enumeration via differential error messages

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration...

3.7CVSS5.8AI score0.00318EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/23 10:53 a.m.25 views

CVE-2026-4633 Keycloak: keycloak: user enumeration via differential error messages

A flaw was found in Keycloak. A remote attacker can exploit differential error messages during the identity-first login flow when Organizations are enabled. This vulnerability allows an attacker to determine the existence of users, leading to information disclosure through user enumeration...

3.7CVSS0.00318EPSS
Exploits1References2
EUVD
EUVDadded 2026/03/23 6:30 a.m.3 views

EUVD-2026-14365

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/03/23 5:1 a.m.2 views

CVE-2026-4574 SourceCodester Simple E-learning System User Profile Update sql injection

A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument firstName results in sql injection. It is possible to launch the attack remotely. The exploit is now...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References5
Rows per page
Query Builder