Lucene search
+L

1540 matches found

redhatcve
redhatcve
added 5 days ago10 views

CVE-2026-52761

A flaw was found in ModSecurity, an open-source web application firewall WAF. The t:utf8toUnicode transformation function, responsible for converting UTF-8 encoded characters to Unicode, generates incorrect output on i386 architectures. This vulnerability allows an attacker to bypass WAF rules,...

5.8CVSS6AI score0.00411EPSS
Exploits0References6
osv
osv
added 6 days ago3 views

DEBIAN-CVE-2026-52761

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8tounicode.cc produces wrong output on i386 architecture because snprintf uses sizeof on a...

5.3CVSS5.9AI score0.00411EPSS
Exploits0References1
nvd
nvd
added 6 days ago7 views

CVE-2026-52761

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8tounicode.cc produces wrong output on i386 architecture because snprintf uses sizeof on a...

5.8CVSS0.00411EPSS
Exploits0References3
osv
osv
added 6 days ago4 views

UBUNTU-CVE-2026-52761

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8tounicode.cc produces wrong output on i386 architecture because snprintf uses sizeof on a...

5.8CVSS5.9AI score0.00411EPSS
Exploits0References5
cvelist
cvelist
added 6 days ago34 views

CVE-2026-52761 ModSecurity: Transformation utf8toUnicode produces wrong output on i386 architecture

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 through 3.0.15, the t:utf8toUnicode transformation in src/actions/transformations/utf8tounicode.cc produces wrong output on i386 architecture because snprintf uses sizeof on a...

5.8CVSS0.00411EPSS
Exploits0References3
cve
cve
added 6 days ago20 views

CVE-2026-52761

Affected software: ModSecurity WAF for Apache/IIS/Nginx. A vulnerability in the t:utf8toUnicode transformation (src/actions/transformations/utf8_to_unicode.cc) in 3.0.0–3.0.15, where snprintf uses sizeof on a char pointer instead of the unicode buffer length on i386, can allow bypassing rules tha...

5.8CVSS5.9AI score0.00411EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.10 views

PT-2026-55934

Name of the Vulnerable Software and Affected Versions ModSecurity versions 3.0.0 through 3.0.15 Description The t:utf8toUnicode transformation in src/actions/transformations/utf8 to unicode.cc produces incorrect output on i386 architecture. This occurs because the snprintf function uses sizeof on...

5.8CVSS6.1AI score0.00411EPSS
Exploits0References9
githubexploit
githubexploit
added 2026/06/06 2:35 a.m.86 views

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 Dirty Pipe Pre-compiled exploit for CVE-2022-08...

7.8CVSS6AI score0.89063EPSS
Exploits100
githubexploit
githubexploit
added 2026/06/05 10:27 a.m.80 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail A pre-compiled exploit for CVE-2026-...

7.8CVSS5.9AI score0.96267EPSS
Exploits230
osv
osv
added 2026/03/24 9:27 a.m.3 views

SUSE-SU-2026:20822-1 Security update for systemd

This update for systemd fixes the following issues: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. - udev: check for invalid...

6.7CVSS5.9AI score0.00142EPSS
Exploits0References9
nessus
nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000922)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000922 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum...

7.8CVSS6.4AI score0.02428EPSS
Exploits9References9
nessus
nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003456 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum...

7.8CVSS6.4AI score0.02428EPSS
Exploits9References9
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002910)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002910 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum...

7.8CVSS6.4AI score0.02428EPSS
Exploits9References9
cve
cve
added 2025/12/16 2:44 p.m.17 views

CVE-2025-68257

CVE-2025-68257 : Linux kernel COMEDI subsystem vulnerability where compat ioctl handlers could dereference a NULL callback when the device was not attached. Root cause: compat ioctls lacked a proper sanity check of device attached status, allowing a NULL dereference in path leading to a crash. Fi...

6AI score0.00171EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2025/11/18 7:15 p.m.4 views

CVE-2025-61664

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...

4.9CVSS5.7AI score0.00124EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2025/11/18 7:15 p.m.5 views

CVE-2025-61661

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...

4.8CVSS5.7AI score0.00172EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2025/11/18 7:15 p.m.5 views

CVE-2025-54770

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused because the netsetvlan command is not properly unregistered when the network module is unloaded from memory. An attacker who...

4.9CVSS5.8AI score0.0013EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2025/11/18 7:15 p.m.3 views

CVE-2025-54771

A use-after-free vulnerability has been identified in the GNU GRUB Grand Unified Bootloader. The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system structure. An attacker could exploit this vulnerability to cause grub t...

4.9CVSS5.8AI score0.0013EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-6659

Malware in sbrugna...

5.5CVSS5.6AI score0.00341EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.12 views

EUVD-2017-1530

Malware in sbrugna...

7.8CVSS6AI score0.02428EPSS
Exploits6References14
Rows per page
Query Builder