Lucene search
K

193 matches found

OSV
OSV
added yesterday4 views

ROOT-OS-UBUNTU-2404-CVE-2026-53140 CVE-2026-53140 in rootio-linux - Patched by Root

Root has patched CVE-2026-53140 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.8AI score0.00168EPSS
Exploits0
OSV
OSV
added yesterday5 views

ROOT-OS-UBUNTU-2404-CVE-2025-21820 CVE-2025-21820 in rootio-linux - Patched by Root

Root has patched CVE-2025-21820 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS7.6AI score0.0015EPSS
Exploits0
NVD
NVD
added 3 days ago8 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

6.4CVSS0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

In FFmpeg 4.4, the file libavcodec/dnxhddec.c does not check the return value of the initvlc function. This is a similar issue to CVE-2013-0868...

5.5CVSS6.5AI score0.01023EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 3:27 p.m.17 views

CVE-2026-56024 WordPress WP EasyPay plugin <= 4.5.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal WP EasyPay allows Cross Site Request Forgery. This issue affects WP EasyPay: from n/a through 4.5.0...

6.5CVSS0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36971

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-40727

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49241

Zephyr's native TCP stack iterates the global connection list in net tcp foreach subsys/net/ip/tcp.c using the SYS SLIST FOR EACH CONTAINER SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp lock while invoking the per-connection callback and...

4.8CVSS5.5AI score0.00274EPSS
Exploits1References3
NVD
NVD
added 2026/06/07 3:16 a.m.15 views

CVE-2026-11448

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

5.8CVSS0.01582EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.21 views

PT-2026-47169

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

5.8CVSS5.1AI score0.01582EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.18 views

PT-2026-47171

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev name results in command injection. It is possible to initiate the attack...

7.5CVSS7.1AI score0.01572EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.14 views

CVE-2026-7379

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.4AI score0.00193EPSS
Exploits1References1
Fedora
Fedora
added 2026/06/05 4:27 a.m.11 views

[SECURITY] Fedora 44 Update: perl-Cpanel-JSON-XS-4.41-1.fc44

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...

7.5CVSS5.8AI score0.00375EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/26 1:54 a.m.22 views

SUSE CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/26 1:54 a.m.27 views

SUSE CVE-2026-7737

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

7.5CVSS5.6AI score0.00631EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 8:16 a.m.12 views

CVE-2026-44068

Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...

7.6CVSS0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Netatalk 操作系统命令注入漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.1 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...

3CVSS5.9AI score0.00091EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...

9.8CVSS7.1AI score0.02411EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 7:16 p.m.6 views

UBUNTU-CVE-2026-8430

SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through specific nginx...

9.2CVSS6.7AI score0.00434EPSS
Exploits0References2
Rows per page
Query Builder