Lucene search
K

1989 matches found

NVD
NVD
added yesterday5 views

CVE-2026-6875

ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform. ServiceNow addressed this vulnerability by deploying...

9.5CVSS
Exploits0References1
Nuclei
Nuclei
added yesterday137 views

Gogs <= 0.13.3 - Remote Code Execution

Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...

8.8CVSS7.2AI score0.7654EPSS
Exploits19References4
CVE
CVE
added 6 days ago9 views

CVE-2026-55761

Portainer Community Edition contains a vulnerability where, in versions 2.39.0–2.39.3 and 2.40.0–2.43.0, unauthenticated restore and administrator initialization endpoints (/api/restore and /api/users/admin/init) remain accessible during the five-minute setup window for uninitialized instances. A...

7.1CVSS5.9AI score0.00272EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-55761 Portainer: Unauthenticated Restore Endpoint Allows Admin Takeover on Uninitialised Portainer Instances

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. In versions 2.39.0 through 2.39.3 and 2.40.0 until 2.43.0, unauthenticated restore and administrator initialization...

7.1CVSS0.00272EPSS
Exploits1References6
Fedora
Fedora
added 2026/07/02 1:11 a.m.9 views

[SECURITY] Fedora 43 Update: hut-0.8.0-1.fc43

hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances...

7.5CVSS6.7AI score0.00626EPSS
Exploits0
Fedora
Fedora
added 2026/07/02 1:11 a.m.6 views

[SECURITY] Fedora 44 Update: hut-0.8.0-1.fc44

hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances...

7.5CVSS6.7AI score0.00626EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.11 views

EUVD-2026-40453

n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree AST security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python Code node can bypass the validator and access the task executor module...

5.3CVSS5.8AI score0.00245EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to...

7.8CVSS6.1AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS0.00141EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.6AI score0.00141EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53193 ALSA: timer: Forcibly close timer instances at closing

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS0.00141EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: vchiqarm: Avoid dereferencing a NULL pointer in vchiqdumpplatforminstances. vchiqgetstate can return a NULL pointer. Therefore, handle this case and avoid dereferencing a NULL pointer in vchiqdumpplatforminstances...

5.5CVSS6.2AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37584

Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

6.5CVSS5.4AI score0.00433EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-47340

Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

6.5CVSS0.00433EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/12 2:32 p.m.9 views

Malicious Package

Overview ecto-nightly-spirit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/12 2:32 p.m.11 views

Malicious Package

Overview ecto-rust-read-f3a9c1 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2026/06/12 4:17 a.m.13 views

CVE-2026-47368

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances...

8.6CVSS0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.25 views

PT-2026-48823

Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An improper input validation issue exists in certain devices running UniFi OS. A malicious actor with network access and low privileges can exploit this to escalate privileges within the...

9.9CVSS5.2AI score0.00303EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/11 9:0 p.m.11 views

Malicious Package

Overview solana-web3-patched is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Rows per page
Query Builder