Lucene search
K

655 matches found

CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

Drupal Entity Share security vulnerability

Drupal Entity Share is a content sharing plugin for the Drupal community. Versions of Drupal Entity Share prior to 3.13.0 contained a security vulnerability, which was caused by improper authorization and could lead to forced browsing...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.7 views

Drupal HTTP Client Manager security vulnerability

The Drupal HTTP Client Manager is an HTTP client management plugin for the Drupal community. Versions prior to 9.3.13, 10.0.2, and 11.0.1 of the Drupal HTTP Client Manager contained security vulnerabilities. These vulnerabilities were due to improper exception condition checks, which could lead t...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/27 12:27 a.m.7 views

SUSE CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

6.7CVSS5.8AI score0.0013EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.9 views

IObit Uninstaller code-related vulnerabilities

IObit Uninstaller is a Windows software tool provided by IObit for forced uninstallation of programs. IObit Uninstaller 10 Pro has a code vulnerability that stems from an issue with service paths not being enclosed in quotes, which may lead to an increase in local privileges...

8.5CVSS5.9AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/01/23 4:15 p.m.9 views

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

7.8CVSS0.0013EPSS
Exploits0References7
OSV
OSV
added 2026/01/23 4:15 p.m.6 views

AZL-78458 CVE-2026-22980 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

7.8CVSS5.6AI score0.0013EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/23 4:15 p.m.6 views

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

7.8CVSS6.3AI score0.0013EPSS
Exploits0References25
OSV
OSV
added 2026/01/23 4:15 p.m.7 views

UBUNTU-CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

7.8CVSS5.9AI score0.0013EPSS
Exploits0References29
Cvelist
Cvelist
added 2026/01/23 3:24 p.m.31 views

CVE-2026-22980 nfsd: provide locking for v4_end_grace

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

7.8CVSS0.0013EPSS
Exploits0References7
HackRead
HackRead
added 2026/01/09 10:59 a.m.11 views

$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China

Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group's global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.6 views

CVE-2020-7541

A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...

5.3CVSS6.8AI score0.00898EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.6 views

CVE-2023-45598

A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...

5.3CVSS7.1AI score0.00487EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:44 p.m.5 views

EUVD-2026-0757

Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery CSRF. This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site...

8.3CVSS6AI score0.00151EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/02 12:0 a.m.6 views

PT-2026-1117

Name of the Vulnerable Software and Affected Versions Emlog version 2.5.23 Description Emlog version 2.5.23’s article creation functionality is susceptible to cross-site request forgery CSRF. This allows an attacker to force a user to post an article containing arbitrary content. When combined wi...

8.3CVSS6.3AI score0.00151EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-4480

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the NFS daemon nfsd related to handling grace periods during server shutdown. Specifically, writing to the v4 end grace structure can occur concurrently with...

7.8CVSS5.4AI score0.0013EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/20 12:0 a.m.5 views

Fedora 42 : chromium (2025-0805619c28)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0805619c28 advisory. Update to 143.0.7499.146 High CVE-2025-14765: Use after free in WebGPU High CVE-2025-14766: Out of bounds read and write in V8 Force dark mode when...

8.8CVSS5.6AI score0.0281EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/12/19 11:47 a.m.3 views

CVE-2025-1885

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this disclosure bu...

5.4CVSS5.4AI score0.00147EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.6 views

PT-2025-52441

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing.This issue affects Online Food Delivery System: through 19122025...

5.4CVSS6.8AI score0.00147EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/10 6:14 p.m.11 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

2.7CVSS6.7AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 6:15 p.m.5 views

CVE-2025-57823

A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...

2.7CVSS5.8AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder