Lucene search
K

23718 matches found

NVD
NVD
added 2026/07/07 1:16 p.m.11 views

CVE-2026-10659

The Dhara flash translation layer disk driver drivers/disk/ftldhara.c implemented the dharanand callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dharaerrort err pointer e.g. err = DHARAEECC in dharanandread, and similar in...

4.7CVSS0.00098EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/07/07 12:58 p.m.39 views

CVE-2026-10659 NULL pointer dereference in Zephyr Dhara FTL disk driver on flash read error during journal resume

The Dhara flash translation layer disk driver drivers/disk/ftldhara.c implemented the dharanand callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dharaerrort err pointer e.g. err = DHARAEECC in dharanandread, and similar in...

4.7CVSS0.00098EPSS
Exploits1References2
CVE
CVE
added 2026/07/07 12:58 p.m.19 views

CVE-2026-10659

The CVE concerns Zephyr’s Dhara FTL disk driver (drivers/disk/ftl_dhara.c). On flash read errors, the driver previously wrote error codes unconditionally to a caller-supplied err pointer, and the journal-resume path forwarded NULL into dhara_nand_read(), causing a NULL dereference during disk ini...

4.7CVSS6AI score0.00098EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:9 p.m.5 views

EUVD-2026-41927

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 8:9 p.m.8 views

CVE-2026-21369

CVE-2026-21369 describes a memory corruption in the camera driver when handling flash commands. The root cause is outdated LED count values being used after userspace modification, leading to out-of-bounds/write conditions. The weakness is limited to local attack vector with high complexity and l...

5.3CVSS6AI score0.0006EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.36 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.9 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-55989

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto affected versions not specified Description Memory corruption occurs when handling flash commands. This issue is caused by the use of outdated LED count values following modifications made in userspace. Recommendations...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 8:9 p.m.10 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.6AI score0.00143EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 5:23 p.m.22 views

CVE-2026-57958

Summary: Mixpost

6.1CVSS5.9AI score0.00168EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 5:23 p.m.10 views

EUVD-2026-40143

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

6.1CVSS5.9AI score0.00168EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-499 pyload-ng vulnerable to RCE with js2py sandbox escape

Summary Any pyload-ng running under python3.11 or below are vulnerable under RCE. Attacker can send a request containing any shell command and the victim server will execute it immediately. Details js2py has a vulnerability of sandbox escape assigned as CVE-2024-28397, which is used by the...

9.8CVSS6.8AI score0.16513EPSS
Exploits22References7
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

DEBIAN-CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS5.7AI score0.00126EPSS
Exploits0
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57323

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.32 views

CVE-2026-57323 WordPress Flash & HTML5 Video plugin <= 2.11.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS0.00228EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.10 views

CVE-2026-57323

The CVE-2026-57323 entry concerns the WordPress Flash & HTML5 Video plugin (versions &lt;= 2.11.0). Affected component: the Flash & HTML5 Video functionality within the WordPress plugin. Root cause: Unauthenticated Broken Access Control, enabling access to resources without authentication. Impact...

5.8CVSS5.8AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.4 views

EUVD-2026-39735

Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...

5.8CVSS5.8AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder