35 matches found

CVE
added yesterday, 4 views

CVE-2026-25782

Gitea before 1.25.5 is affected: tracked-time entries are looked up by time ID without confirming the associated issue in the request URL, enabling deletion attempts to affect entries from a different issue. Root cause is improper scoping of the lookup. Impact is potential cross-item deletion of ...

5.9 AI score
Exploits: 0, References: 4
OSV
added 2026/06/26 8:17 p.m., 3 views

UBUNTU-CVE-2026-53310

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix cross-fabric target timeout lookup When a fabric receives an error interrupt, the error may have occurred on a different fabric. The target timeout lookup was using the wrong base address cbb-regs with offsets...

5.7 AI score, 0.00154 EPSS
Exploits: 0, References: 6
EUVD
added 2026/06/26 7:40 p.m., 6 views

EUVD-2026-39888

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.8 AI score, 0.00166 EPSS
Exploits: 0, References: 3
NVD
added 2026/06/20 4:17 p.m., 10 views

CVE-2026-56325

Capgo before 12.128.2 uses ILIKE pattern matching instead of exact matching for app_id lookup in the preview subdomain resolver, allowing underscore characters in app_id to act as SQL wildcards. Attackers can create apps with app_ids differing by one character at underscore positions to cause...

3.1 CVSS, 0.00215 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/06/20 12:0 a.m., 18 views

PT-2026-51144

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description The preview subdomain resolver uses ILIKE pattern matching instead of exact matching for app id lookup. This allows underscore characters within the app id to function as SQL wildcards. An attacker...

3.1 CVSS, 5.9 AI score, 0.00215 EPSS
Exploits: 0, References: 6
Positive Technologies
added 2026/05/29 12:0 a.m., 11 views

PT-2026-45061

Name of the Vulnerable Software and Affected Versions PraisonAI Platform affected versions not specified Description The server contains multiple authorization flaws. First, a cross-tenant Insecure Direct Object Reference IDOR exists because the require workspace member dependency only validates...

9.4 CVSS, 5.8 AI score, 0.00043 EPSS
Exploits: 0, References: 7
Positive Technologies
added 2026/05/26 12:0 a.m., 15 views

PT-2026-43452

TL;DR This vulnerability affects all Kirby sites on Kirby 5.3.0-5.4.0 and is independent from setup conditions and authentication. This vulnerability is of high severity for all Kirby sites. ---- Introduction Path traversal is a type of attack that allows to access arbitrary filesystem paths. By...

8.8 CVSS, 6 AI score, 0.00173 EPSS
Exploits: 0, References: 4
ATTACKERKB
added 2026/04/22 4:8 p.m., 5 views

CVE-2026-35371

The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleadi...

3.3 CVSS, 5.8 AI score, 0.00123 EPSS
Exploits: 1, References: 2
Cvelist
added 2026/04/22 4:8 p.m., 34 views

CVE-2026-35371 uutils coreutils id Misleading Identity Reporting in Pretty Print Mode

The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleadi...

3.3 CVSS, 0.00123 EPSS
Exploits: 1, References: 1
Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991194 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on...

7.8 CVSS, 6.4 AI score, 0.12746 EPSS
Exploits: 7, References: 4
RedhatCVE
added 2025/12/10 10:20 a.m., 17 views

CVE-2023-53764

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id requires that the caller hold the ab->base_lock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdepassertin...

7 CVSS, 5.7 AI score, 0.00145 EPSS
Exploits: 0, References: 4
SUSE CVE
added 2025/12/09 12:29 a.m., 6 views

SUSE CVE-2023-53764

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peer_id find ath12k_peer_find_by_id requires that the caller hold the ab->base_lock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdepassertin...

5.5 CVSS, 6.3 AI score, 0.00145 EPSS
Exploits: 0, References: 3
Cvelist
added 2025/10/07 3:19 p.m., 7 views

CVE-2023-53621 memcontrol: ensure memcg acquired by id is properly set up

In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction recency check, we attempt to retrieve the memcg to which the folio belonged when it was evicted, by the memcg id stored in the shadow entry. However, ther...

0.0019 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-3016

Malicious code in bioql PyPI...

5.3 CVSS, 5 AI score, 0.01768 EPSS
Exploits: 1, References: 13
NVD
added 2025/10/01 12:15 p.m., 4 views

CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

7.8 CVSS, 0.00153 EPSS
Exploits: 0, References: 5
CVE
added 2025/10/01 11:45 a.m., 21 views

CVE-2023-53492

The CVE-2023-53492 entry describes a Linux kernel nf_tables issue: when adding a rule that refers to a chain by ID, Genmask was ignored if the chain had been deleted in the same batch, causing the rule to reference a deleted chain and trigger a warning. The root cause is nf_tables_lookup_byid ign...

7.8 CVSS, 6 AI score, 0.00153 EPSS
Exploits: 0, References: 5, Affected Software: 1
RedhatCVE
added 2025/05/23 2:2 a.m., 9 views

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids...

7.5 CVSS, 6.9 AI score, 0.00471 EPSS
Exploits: 0, References: 1
RedHat Linux
added 2024/09/24 2:39 a.m., 3 views

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the act_api implementation within the tcf_idr_check_alloc function, which led to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

5.5 CVSS, 6.8 AI score, 0.00286 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2023/11/07 9:3 a.m., 9 views

kernel: netfilter: nf_tables: do not ignore genmask when looking up chain by id

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

7.8 CVSS, 6.6 AI score, 0.00153 EPSS
Exploits: 0, References: 5
OSV
added 2023/11/01 2:15 p.m., 2 views

UBUNTU-CVE-2023-46930

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14...

5.5 CVSS, 5.8 AI score, 0.00206 EPSS
Exploits: 0, References: 4