Lucene search
K

377 matches found

Cvelist
Cvelist
added 2026/06/29 12:0 a.m.22 views

CVE-2026-51219

A heap buffer overflow in the HighPriorityASDUQueuehasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service DoS via a crafted payload...

0.00348EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53752

Name of the Vulnerable Software and Affected Versions lib60870 versions 2.3.3 through 2.3.6 Description A heap buffer overflow occurs in the HighPriorityASDUQueue hasUnconfirmedIMessages function. This flaw allows an attacker to trigger a Denial of Service DoS by sending a specially crafted...

6.5CVSS6.2AI score0.00348EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 12:0 a.m.5 views

CVE-2026-51219

A heap buffer overflow in the HighPriorityASDUQueuehasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service DoS via a crafted payload...

6AI score0.00348EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/08 9:45 p.m.16 views

CVE-2026-43392

A flaw was found in the schedext component of the Linux kernel. This vulnerability allows a local attacker to cause a system hang by exploiting an issue in the scxenable function. The function's task switching loop can lead to indefinite starvation of the enable thread when higher-priority...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 2:16 p.m.7 views

CVE-2026-31523

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...

4.7CVSS0.00089EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.21 views

CVE-2026-31523

In the Linux kernel NVMe PCI driver, CVE-2026-31523 is a race condition: a running change to the polled queue count can create a brief window during reset where a hipri task poll occurs before queue maps are updated, risking double completions when the interrupt-driven path takes over. The issue ...

4.7CVSS5.6AI score0.00089EPSS
Exploits0References8Affected Software1
Patchstack
Patchstack
added 2026/01/07 6:55 a.m.7 views

WordPress Latest Registered Users plugin <= 1.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data Export vulnerability discovered by Legion Hunter in WordPress Plugin Latest Registered Users versions = 1.4...

7.5CVSS6.7AI score0.00283EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/01/01 10:7 a.m.6 views

WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Software : Issabella Type : Theme Vulnerable versions : = 1.1.2 OWASP Top 10 : A3: Injection Classification : Local File Inclusion CVE ID : CVE-2025-69086 Patchstack priority : High CVSS severity : 8.1 Required privilege : Unauthenticated Developer : Claim ownership PSID : 1e3ff6a668aa Credits :...

7.2AI score0.00334EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/12/30 3:30 p.m.4 views

EUVD-2023-60373

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fillpool syzbot is reporting a lockdep warning in fillpool because the allocation from debugobjects is using GFPATOMIC, which is GFPHIGH | GFPKSWAPDRECLAIM and therefore tries to wake up...

6.1AI score0.00172EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.9 views

CVE-2023-54268

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fillpool syzbot is reporting a lockdep warning in fillpool because the allocation from debugobjects is using GFPATOMIC, which is GFPHIGH | GFPKSWAPDRECLAIM and therefore tries to wake up...

6AI score0.00172EPSS
Exploits0References8
OSV
OSV
added 2025/12/30 12:15 p.m.5 views

CVE-2023-54268 debugobjects: Don't wake up kswapd from fill_pool()

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fillpool syzbot is reporting a lockdep warning in fillpool because the allocation from debugobjects is using GFPATOMIC, which is GFPHIGH | GFPKSWAPDRECLAIM and therefore tries to wake up...

6.5AI score0.00172EPSS
Exploits0References9
CVE
CVE
added 2025/12/30 12:15 p.m.17 views

CVE-2023-54268

The CVE-2023-54268 entry concerns a Linux kernel fix for debugobjects: avoid waking kswapd from fill_pool() when GFP_ATOMIC allocations trigger kswapd_wait::lock. The root cause is using GFP_ATOMIC (effectively GFP_HIGH | GFP_KSWAPD_RECLAIM), which can wake up kswapd during fill_pool() as it may ...

6.2AI score0.00172EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.4 views

PT-2025-54097

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fill pool syzbot is reporting a lockdep warning in fill pool because the allocation from debugobjects is using GFP ATOMIC, which is GFP HIGH | GFP KSWAPD RECLAIM and therefore tries to wake...

6.5AI score0.00172EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/12/25 11:35 a.m.5 views

WordPress CookieHint WP plugin <= 1.0.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin CookieHint WP versions = 1.0.0...

7.5CVSS6.7AI score0.0028EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/23 12:7 a.m.15 views

WordPress WooMulti plugin <= 1.7 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability

Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin WooMulti versions = 1.7...

7.3CVSS6.8AI score0.00247EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/16 5:29 p.m.10 views

WordPress JAY Login & Register plugin <= 2.4.01 - Authentication Bypass via Cookie vulnerability

Authentication Bypass via Cookie vulnerability discovered by kr0d in WordPress Plugin JAY Login & Register versions = 2.4.01...

9.8CVSS6.7AI score0.00704EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2025/12/11 8:11 a.m.20 views

WordPress Elated Membership plugin <= 1.2 - Authentication Bypass via Social Login vulnerability

Authentication Bypass via Social Login vulnerability discovered by Foxyyy in WordPress Plugin Elated Membership versions = 1.2...

9.8CVSS6.8AI score0.00432EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/10 6:34 a.m.6 views

WordPress Hippoo Mobile App for WooCommerce plugin <= 1.7.1 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Moose Love - Nagasaki Prefectural University in WordPress Plugin Hippoo Mobile App for WooCommerce versions = 1.7.1...

7.5CVSS6.8AI score0.02056EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/12/05 7:8 a.m.11 views

WordPress User Verification plugin <= 2.0.44 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by luckybuddy in WordPress Plugin User Verification versions = 2.0.44...

9.8CVSS5.4AI score0.0045EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/11/05 1:32 a.m.6 views

WordPress KiotViet Sync plugin <= 1.8.5 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin KiotViet Sync versions = 1.8.5...

9.8CVSS6.7AI score0.00771EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder