Lucene search
K

449 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.8 views

CVE-2026-4949

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.16.12. This is due to the 'processcheckout' function not properly enforcing...

4.3CVSS5.6AI score0.00316EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.9 views

CVE-2026-46232

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...

5.7AI score0.00258EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.9 views

SUSE CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.5CVSS0.00095EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/27 12:57 p.m.11 views

EUVD-2026-32433

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.8AI score0.00095EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.7AI score0.00095EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/27 12:57 p.m.29 views

CVE-2026-46051

CVE-2026-46051 affects the Linux kernel's MD RAID5 path. The vulnerability arises when retry_aligned_read() encounters an overlapped stripe and releases it via raid5_release_stripe(), placing it on the released_stripes list. In a subsequent raid5d loop, release_stripe_list() drains the stripe ont...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.46 views

CVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

0.00095EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43918

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A soft lockup occurs in the retry aligned read function when an overlapped stripe is encountered. The function releases the stripe via raid5 release stripe, placing it on the lockless...

5.5CVSS5.9AI score0.00095EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/21 9:20 p.m.12 views

CVE-2026-7887 For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status

For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 suspended, banned, terminated employee can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

2.3CVSS5.8AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 9:20 p.m.33 views

CVE-2026-7887 For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status

For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 suspended, banned, terminated employee can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...

2.3CVSS0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe The ipv6stub-ipv6devfind function may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded. Passing this error pointer to devhold will cause a...

7.5CVSS5.7AI score0.0049EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Rejects attempts to consume or refresh inactive gfntopfncache. kvmgpccheck and kvmgpcrefresh are rejected if the cache is inactive. Not checking the active flag during refresh is particularly problematic, as KVM may end u...

7.8CVSS6.1AI score0.00157EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

7.8CVSS6.5AI score0.00148EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: The clearwalkcontrol function operates on an inactive context in damoswalk. damoswalk sets ctx-walkcontrol to the control structure provided by the caller before checking whether the context is running. If the...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 8:16 p.m.14 views

CVE-2026-44561

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the isuserchannelmember function checks whether a ChannelMember row exists but does not check the isactive field. When a user is deactivated from a group or DM channel removed by the...

5.4CVSS0.00178EPSS
Exploits1References1
F5 Networks
F5 Networks
added 2026/05/14 8:48 a.m.17 views

K000161272: Spring Security vulnerability CVE-2026-22753

Security Advisory Description Vulnerability in Spring Spring Security. If an application is using securityMatchersString and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related security components will not be exercise...

7.5CVSS5.8AI score0.00248EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.9 views

SUSE CVE-2026-43388

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whethe...

7.8CVSS6.1AI score0.00124EPSS
Exploits0References2
Rows per page
Query Builder