Lucene search
K

7741 matches found

Nuclei
Nuclei
added 12 hours ago71 views

WordPress WHMCS Bridge <6.4b - Cross-Site Scripting

WordPress WHMCS Bridge plugin before 6.4b contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the error parameter before outputting it back in the admin dashboard. id: CVE-2021-25112 info: name: WordPress WHMCS Bridge 6.4b - Cross-Site Scripting author:...

6.1CVSS6.4AI score0.02187EPSS
Exploits2References4
Nuclei
Nuclei
added 12 hours ago96 views

i-Panel Administration System 2.0 - Cross-Site Scripting

i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enables an attacker to execute arbitrary JavaScript code in the browser-based web console. id: CVE-2021-41878 info: name: i-Panel Administration System 2.0 - Cross-Site Scripting author: madrobot severity: medium...

6.1CVSS6.6AI score0.09912EPSS
Exploits4References5
NVD
NVD
added yesterday8 views

CVE-2026-4769

Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...

9.8CVSS0.00447EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43093

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

6.1AI score0.00153EPSS
Exploits0References2
NVD
NVD
added 4 days ago6 views

CVE-2026-11913

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

9.8CVSS0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-11913 Mother May I - Critical - Unsupported - SA-CONTRIB-2026-045

vulnerability in Drupal Mother May I allows . This issue affects Mother May I versions:...

0.00153EPSS
Exploits0References1
CVE
CVE
added 4 days ago14 views

CVE-2026-11913

CVE-2026-11913 concerns a vulnerability in the Drupal module “Mother May I.” The official CVE notes a critical impact (CVSS 9.8) with affected versions listed as wildcards (. ). Connected sources indicate the Drupal project marks the module as unsupported and a fix has not been provided (SA-CONTR...

9.8CVSS6.1AI score0.00153EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago7 views

Malicious code in proxy-check-i (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2da390c130eb840eb129a5d43faf0a64a0f0f602070243613aa0e2f8ea8f6d04 The package advertises itself as a wrapper for a 'qsshd executable' but the bundled Go binary is a reverse-SSH daemon that grants a remote operator...

6.3AI score
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 5 days ago3 views

Security Bulletin: IBM i is Affected by Multiple Vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to partial denial-of-service DoS CVE-2026-22021, CVE-2026-22018 and unauthorized access to data CVE-2026-22016, CVE-2026-22013,...

7.5CVSS6.4AI score0.00702EPSS
Exploits0Affected Software5
RedHat Linux
RedHat Linux
added 6 days ago4 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago8 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago7 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:12 p.m.6 views

Security Bulletin: IBM i is Affected By Multiple Vulnerabilities in Navigator for i and Digital Certifcate Manager

Summary Navigator for IBM i uses DOMPurify for cross-site scripting sanitization. DOMPurify is vulnerable to prototype pollution-based XSS bypass CVE-2026-41238, skipped sanitization in non-string mode CVE-2026-41239, and skipped sanitization when using the ADDTAGS function CVE-2026-41240...

8.8CVSS7.5AI score0.00331EPSS
Exploits1Affected Software5
RedhatCVE
RedhatCVE
added 2026/06/29 11:19 a.m.9 views

CVE-2026-53323

A flaw was found in the Linux kernel's Distributed Switch Architecture DSA subsystem. Redundant locking operations within the DSA conduit ethtool wrappers can lead to a deadlock. A local attacker can exploit this by using the ethtool -i command, causing the system to become unresponsive and...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 10:39 a.m.8 views

CVE-2026-53322

A flaw was found in the Linux kernel's vfio/pci subsystem. During device shutdown, an improper order of operations in cleaning up Direct Memory Access Buffers DMABUFs before disabling the function creates a brief window. In this window, a device's Base Address Registers BARs could still be access...

8.8CVSS5.7AI score0.00182EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.9 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

7.8CVSS0.00129EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
NVD
NVD
added 2026/06/26 8:16 a.m.8 views

CVE-2026-57876

An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a...

7.5CVSS0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 11:6 p.m.4 views

CVE-2026-53196

A flaw was found in the Linux kernel's ioti USB serial driver. A malicious USB device, when plugged into a host running this driver, can exploit a heap overflow vulnerability in the getmanufinfo function. This occurs because the driver does not properly validate the size of data read from the...

6.8CVSS6.2AI score0.00284EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fixed a potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can originate from the user space of the hidraw driver and is bounded b...

7.8CVSS6AI score0.00142EPSS
Exploits0References2
Rows per page
Query Builder