Lucene search
+L

831 matches found

cve
cve
added 2026/07/08 4:8 p.m.9 views

CVE-2026-59896

Hono/jsx in the Hono web framework exposes a cross-request data disclosure during server-side rendering. From version 4.11.8 up to, but not including, 4.12.27, context values created via createContext, useContext, jsxRenderer, or useRequestContext were not isolated per request and could be reused...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/07/08 4:8 p.m.6 views

EUVD-2026-42326

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/08 12:0 a.m.6 views

PT-2026-56506

Name of the Vulnerable Software and Affected Versions Hono versions 4.11.8 through 4.12.26 Description During server-side rendering, the hono/jsx module fails to isolate context values on a per-request basis. This allows data from a different in-flight request to be accessed after an await...

6.5CVSS6.1AI score0.00191EPSS
Exploits0References9
attackerkb
attackerkb
added 2026/07/05 10:23 p.m.10 views

CVE-2026-10656

The MAX32xxx USB device controller driver drivers/usb/udc/udcmax32.c, compatible adimax32usbhs dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udceventxferoutdone called netbufaddbuf, eprequest-actlen immediately after buf =...

4.6CVSS6.1AI score0.00191EPSS
Exploits1References3Affected Software1
osv
osv
added 2026/06/25 7:38 p.m.4 views

MINI-PX4H-PWMV-VV36

Bulletin has no description...

9.1CVSS5.8AI score0.00487EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53123

In the Linux kernel, the following vulnerability has been resolved: md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5makerequest waiting for reshape progress while still holding an activeio reference. If userspace then...

5.7AI score0.00171EPSS
Exploits0References5Affected Software1
cve
cve
added 2026/06/24 4:30 p.m.16 views

CVE-2026-53087

Summary: CVE-2026-53087 affects the Linux kernel bcmgenet network driver. When reclaiming the transmit queue, the driver advances the write pointer to drop in-flight data but fails to return the dropped frames to the pool of free buffer descriptors (bds), causing a resource leak. This can lead to...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/24 4:30 p.m.34 views

CVE-2026-53087 net: bcmgenet: fix leaking free_bds

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS0.00376EPSS
Exploits0References6
euvd
euvd
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38955

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

5.8AI score0.00376EPSS
Exploits0References6
nvd
nvd
added 2026/06/24 8:16 a.m.8 views

CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS0.0012EPSS
Exploits0References8
osv
osv
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References11
cvelist
cvelist
added 2026/06/24 7:14 a.m.34 views

CVE-2026-52935 xfrm: espintcp: do not reuse an in-progress partial send

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS0.0012EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.14 views

PT-2026-51981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bcmgenet network driver where free bds buffer descriptors are leaked. During the reclamation of the tx queue, the write pointer is fast-forwarded to drop data in...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.19 views

PT-2026-51728

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm espintcp component where the system may reuse an in-progress partial send. Specifically, the espintcp sendmsg function may reinitialize emsg-skmsg and reuse...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References25
redhatcve
redhatcve
added 2026/06/09 8:59 a.m.16 views

CVE-2026-11488

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References1
cve
cve
added 2026/06/08 4:30 a.m.29 views

CVE-2026-11488

The CVE-2026-11488 entry concerns code-projects Simple Flight Ticket Booking System 1.0. It identifies a SQL injection in the POST Parameter Handler, specifically in checkUser.php via the Username argument. Impact is limited to confidentiality and integrity with a low severity in CVSS metrics, an...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
euvd
euvd
added 2026/06/08 4:30 a.m.16 views

EUVD-2026-35019

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/06/08 4:30 a.m.7 views

CVE-2026-11488

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6Affected Software1
vulnrichment
vulnrichment
added 2026/06/08 4:30 a.m.9 views

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00275EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/08 4:30 a.m.42 views

CVE-2026-11488 code-projects Simple Flight Ticket Booking System POST Parameter checkUser.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown part of the file checkUser.php of the component POST Parameter Handler. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out...

7.5CVSS0.00275EPSS
Exploits0References6
Rows per page
Query Builder