Lucene search
+L

1144 matches found

NCSC
NCSC
added 2 days ago10 views

Zero-day vulnerabilities are exploited in SonicWall SMA1000 devices.

SonicWall has identified two vulnerabilities in the SonicWall SMA1000 appliance. The vulnerability with the identifier CVE-2026-15409 involves Server-Side Request Forgery SSRF in the Work Place interface, allowing an unauthorized attacker to send requests to the device to unintended locations. Th...

10CVSS6.4AI score0.01486EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/07/02 9:42 a.m.16 views

CVE-2026-9595

A flaw was found in webpack-dev-server. When a user configures a proxy with a broad context, such as '/', and enables WebSocket ws: true forwarding, the development server's own Hot Module Replacement HMR WebSocket can be intercepted. This interception leads to the leakage of the browser's cookie...

7.1CVSS5.7AI score0.00163EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53342

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: call pagetable dtor when freeing hot-removed page tables Since 5e8eb9aeeda3 "arm64: mm: always call PTE/PMD ctor in createpgdmapping" page-table allocation on ARM64 always calls pagetablepte,pmd,pud,p4dctor. This sets...

5.7AI score0.00154EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-13595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...

6.8CVSS5.9AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 9:16 a.m.17 views

CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS0.00112EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 9:16 a.m.4 views

UBUNTU-CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:6 a.m.7 views

CVE-2026-13595

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 8:6 a.m.78 views

CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS0.00112EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 8:6 a.m.30 views

CVE-2026-13595

CVE-2026-13595 affects libblkid in util-linux. During nested partition probing, BSD/Minix/Solaris x86/UnixWare probers cache a parent partition pointer in a dynamically allocated array; on reallocation, the pointer becomes stale, causing a heap use-after-free read. An attacker with access to a cr...

6.8CVSS5.7AI score0.00112EPSS
Exploits0References4Affected Software3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53234

Name of the Vulnerable Software and Affected Versions util-linux libblkid affected versions not specified Description A heap use-after-free read occurs in the libblkid library during nested partition probing. The BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a...

6.8CVSS6.1AI score0.00112EPSS
Exploits0References20
CVE
CVE
added 2026/06/26 7:40 p.m.20 views

CVE-2026-53303

Technical details for CVE-2026-53303 are not publicly provided in the supplied documents; monitoring for updates is advised.

7.1CVSS5.8AI score0.00126EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/17 6:13 p.m.9 views

GHSA-MX8G-39Q3-5C79 webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies

Impact When a user-configured proxy on webpack-dev-server has a broad context e.g. / and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This leaks the browser's cookies and Origin header to the backend, bypasses the dev server's Host/Origin...

5.3CVSS5.4AI score0.00163EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.3 views

util-linux: util-linux: heap use-after-free in libblkid nested partition probing

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS6AI score0.00112EPSS
Exploits0References5
NVD
NVD
added 2026/06/17 1:19 p.m.17 views

CVE-2025-69108

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

9.8CVSS0.00525EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:56 p.m.40 views

CVE-2025-69108 WordPress Hot Coffee theme <= 1.7 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

9.8CVSS0.00525EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:56 p.m.18 views

CVE-2025-69108

CVE-2025-69108 is an unauthenticated PHP Object Injection in the WordPress theme Hot Coffee (&lt;= 1.7). The description specifies unauthenticated object injection in Hot Coffee

9.8CVSS5.3AI score0.00525EPSS
Exploits0References1
NCSC
NCSC
added 2026/06/16 1:13 p.m.19 views

Vulnerabilities found in Check Point Remote and Mobile Access VPN-products

Check Point has identified vulnerabilities in Remote and Mobile Access VPN products, specifically those implemented using the IKEv1 key exchange protocol. Two vulnerabilities have been identified in Check Point Security Gateways and Remote Access VPN environments that utilize the outdated IKEv1...

9.3CVSS6AI score0.70099EPSS
Exploits5References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 6:12 a.m.18 views

Malicious code in hot-validation-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76065c270ae195ee042c46a6d0ade5737992948d3f3068f367fc6bfef474ce9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/16 6:12 a.m.19 views

MAL-2026-5870 Malicious code in hot-validation-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76065c270ae195ee042c46a6d0ade5737992948d3f3068f367fc6bfef474ce9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
NVD
NVD
added 2026/06/15 4:16 p.m.14 views

CVE-2026-9595

Impact: When a user-configured proxy on webpack-dev-server has a broad context e.g. / and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This leaks the browser's cookies and Origin header to the backend, bypasses the dev server's Host/Origin...

5.3CVSS0.00163EPSS
Exploits0References5
Rows per page
Query Builder