Lucene search
K

1130 matches found

Cvelist
Cvelist
added 2026/05/01 2:14 p.m.34 views

CVE-2026-31744 PM: EM: Fix NULL pointer dereference when perf domain ID is not found

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found devenergymodelnlgetperfdomainsdoit calls emperfdomaingetbyid but does not check the return value before passing it to emnlgetpdsize. When a caller supplies a...

0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 2:14 p.m.10 views

EUVD-2026-26557

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found devenergymodelnlgetperfdomainsdoit calls emperfdomaingetbyid but does not check the return value before passing it to emnlgetpdsize. When a caller supplies a...

5.8AI score0.00107EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/27 6:30 p.m.3 views

CVE-2026-7148 CodeAstro Online Classroom addnewfaculty sql injection

A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...

6.5CVSS6.4AI score0.00241EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/22 3:31 p.m.7 views

EUVD-2026-24903

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

5.6AI score0.00123EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.10 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013840 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htchst: free skb in ath9khtcrxmsg if there is no callback function It is stated that...

5.9AI score0.00165EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010794 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying...

5.7AI score0.00239EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007013)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007013 advisory. In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specifi...

7.8CVSS5.6AI score0.00157EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/16 8:42 p.m.7 views

ApostropheCMS: User Enumeration via Timing Side Channel in Password Reset Endpoint

Summary The password reset endpoint /api/v1/@apostrophecms/login/reset-request exhibits a measurable timing side channel that allows unauthenticated attackers to enumerate valid usernames and email addresses. When a user is not found, the handler returns after a fixed 2-second artificial delay, b...

3.7CVSS5.8AI score0.00365EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.4 views

CVE-2026-6163

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

7.5CVSS5.7AI score0.00318EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/14 5:20 p.m.2 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS5.7AI score0.00343EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/14 5:18 p.m.3 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS5.7AI score0.00343EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/14 2:45 p.m.4 views

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

6.9CVSS5.7AI score0.00343EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.10 views

PT-2026-32974

Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description An improper path validation issue exists in the UDR service. The endpoint 'GET /nudr-dr/v2/application-data/influenceData/influenceId/subscriptionId' is designed to operate only when the influence...

8.7CVSS6AI score0.00493EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/13 6:30 a.m.3 views

EUVD-2026-21875

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/13 6:30 a.m.7 views

EUVD-2026-21874

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

7.5CVSS7AI score0.00318EPSS
Exploits0References6
NVD
NVD
added 2026/04/13 6:16 a.m.3 views

CVE-2026-6164

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

7.5CVSS0.00254EPSS
Exploits0References5
NVD
NVD
added 2026/04/13 6:16 a.m.7 views

CVE-2026-6163

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...

7.5CVSS0.00318EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 5:30 a.m.1 views

CVE-2026-6164 code-projects Lost and Found Thing Management addcat.php sql injection

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 5:30 a.m.8 views

CVE-2026-6164

Code-projects Lost and Found Thing Management 1.0 contains a SQL injection in an unknown area of /addcat.php via the cata argument. This vulnerability can be triggered remotely and is substantiated by public exploit activity. The CVE-2026-6164 details, as tracked by NVD and CVE records, show a ne...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 5:30 a.m.1 views

CVE-2026-6164

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder