Lucene search
K

1007 matches found

Nuclei
Nuclei
added yesterday81 views

GL.iNET SSID Key Disclosure

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key. id: CVE-2023-31478 info: name: GL.iNET SSID Key Disclosure author: DhiyaneshDK severity: high description: | An issue was discovered on GL.iNet...

7.5CVSS7AI score0.29699EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/07/06 2:31 p.m.4 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.6AI score0.004EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:59 a.m.3 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.2AI score0.004EPSS
Exploits0References5
NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57752

Contributor SQL Injection in iNET Webkit 1.2.4 versions...

8.5CVSS0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.38 views

CVE-2026-57752 WordPress iNET Webkit plugin 1.2.4 - SQL Injection vulnerability

Contributor SQL Injection in iNET Webkit 1.2.4 versions...

8.5CVSS0.0029EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 11:15 a.m.8 views

EUVD-2026-41308

Contributor SQL Injection in iNET Webkit 1.2.4 versions...

8.5CVSS5.8AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.22 views

CVE-2026-57752

The CVE-2026-57752 entry covers a Contributor SQL Injection in the WordPress iNET Webkit plugin version 1.2.4. The vulnerability is described without attack details; CVSS 3.1 base score 8.5 (Network attack, Low complexity, Privileges Required: Low, User Interaction: None, Confidentiality Impact: ...

8.5CVSS5.8AI score0.0029EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 8:47 a.m.8 views

WordPress iNET Webkit plugin 1.2.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Evan NR in WordPress Plugin iNET Webkit versions 1.2.4...

8.5CVSS5.8AI score0.0029EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.13 views

PT-2026-55040

Name of the Vulnerable Software and Affected Versions iNET Webkit version 1.2.4 Description A SQL Injection issue exists that allows users with Contributor privileges to execute arbitrary SQL commands on the database. Recommendations At the moment, there is no information about a newer version th...

8.5CVSS6.3AI score0.0029EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue tha...

9.8CVSS6AI score0.0034EPSS
Exploits0References2
Veracode
Veracode
added 2026/06/26 9:30 a.m.7 views

Server-Side Request Forgery

jackson-databind is vulnerable to server-side request forgery SSRF. The vulnerability is due to eager DNS resolution during InetSocketAddress deserialization, where untrusted hostnames are resolved before application-level validation, allowing attackers to trigger arbitrary DNS requests by...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.8 views

SUSE CVE-2026-53175

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS5.8AI score0.0034EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 12:3 p.m.3 views

RLSA-2026:27789 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished CVE-2026-31669 kernel: xen/privcmd: fix double free vi...

7.8CVSS6.8AI score0.004EPSS
Exploits11References18
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53175

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS0.0034EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53175

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS5.8AI score0.0034EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.30 views

CVE-2026-53175 inet: frags: fix use-after-free caused by the fqdir_pre_exit() flush

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS0.0034EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53175

The CVE-2026-53175 entries describe a use-after-free in the Linux kernel’s fragment reassembly during netns teardown. Root cause: fqdir_pre_exit() flushes fragment queues but may leave freed skbs referenced by fragment queue state (fragments_tail/last_run_head) before INET_FRAG_COMPLETE is set, a...

9.8CVSS5.8AI score0.0034EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53175

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS5.7AI score0.0034EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/25 2:19 a.m.10 views

SUSE CVE-2026-54514

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52271

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during network namespace teardown. The function fqdir pre exit flushes incomplete fragment queues via inet frag queue flush, which frees queued socket buffe...

9.8CVSS5.9AI score0.0034EPSS
Exploits0References23
Rows per page
Query Builder