Lucene search
K

294 matches found

OSV
OSV
added 2026/06/30 1:2 p.m.3 views

CVE-2026-58015 Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS6AI score0.00418EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is n...

5.5CVSS6.1AI score0.00168EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 p.m.5 views

UBUNTU-CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS5.8AI score0.00074EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:38 p.m.9 views

EUVD-2026-39560

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

2.3CVSS5.8AI score0.00074EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53038

In the Linux kernel, the following vulnerability has been resolved: imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is not supported. However there are places relying on the algorithm to be...

5.5CVSS0.00168EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51932

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.12.40 Description A global out-of-bounds read occurs in the create securityfs measurement lists function when the system uses a TPM chip with an unsupported hash algorithm. The issue arises because ima tpm chip-allocated...

6.1AI score0.00168EPSS
Exploits0References13
OSV
OSV
added 2026/06/10 12:33 a.m.2 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.9AI score0.00126EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.13 views

CVE-2026-48488

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 SHAttered. Version 4.1.4 fixes the issue...

6.9CVSS5.3AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 3:15 p.m.31 views

CVE-2026-48488

CVE-2026-48488 affects phpMyFAQ prior to version 4.1.4, where attachment passwords are hashed using SHA-1, a broken algorithm. The issue is resolved in 4.1.4. The CVSS base score is 6.9 (Medium); attack vector NETWORK, no user interaction needed, and impact is limited to confidentiality. If explo...

6.9CVSS5.3AI score0.00182EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.18 views

PT-2026-46255

GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain root credentials and privileges via a bruteforce attack...

5.8AI score0.0019EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 6:15 p.m.6 views

CVE-2026-8889

Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching 25,020 hashes and CIPA blocklist matching 12,352 hashes...

5.8AI score0.00249EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Securly Chrome Extension 安全漏洞

Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly, designed for educational scenarios. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from the use of...

7.5CVSS5.3AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Securly Chrome Extension 安全漏洞

Securly Chrome Extension is a web filtering and student online security management browser extension developed by the American company Securly, designed for educational scenarios. Version 3.0.7 of Securly Chrome Extension contains a security vulnerability. This vulnerability stems from the use of...

7.5CVSS5.3AI score0.00163EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.11 views

SUSE CVE-2026-45937

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - fix kernel panic in driver detach During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator...

5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-45937

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - fix kernel panic in driver detach During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 12:58 p.m.2 views

CVE-2026-46096 tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.43 views

CVE-2026-45937 crypto: inside-secure/eip93 - fix kernel panic in driver detach

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - fix kernel panic in driver detach During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator...

0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 11:7 p.m.55 views

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS0.00399EPSS
Exploits0References6
OSV
OSV
added 2026/05/20 10:16 a.m.1 views

CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

5.3CVSS5.9AI score0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.15 views

PT-2026-41793

Name of the Vulnerable Software and Affected Versions Sulu versions prior to 2.6.23 Sulu versions prior to 3.0.6 Description Sulu is an open-source PHP content management system based on the Symfony framework. The generation of API keys and password reset tokens utilizes a weak cryptographical ha...

6.9CVSS5.8AI score0.00193EPSS
Exploits0References6
Rows per page
Query Builder