Lucene search
+L

7 matches found

OSV
OSV
added 2026/06/09 11:54 a.m.3 views

CVE-2026-11764 Data exposed without proper permission

When creating an export of all reusable media, the secrets of connected gift cards were included in the export even if the user creating the export does not have permission to view gift cards. This is inconsistent with the UI and API where only the first letters of the gift card secret are shown...

6.9CVSS6AI score0.00229EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed an unreferenced object issue reported by kmemleak in ubiresizevolume. There is also a memory leak issue reported by kmemleak: An unreferenced object with a size of 128 bytes is causing a memory leak: 0xffff888102007a00...

5.5CVSS6.1AI score0.00147EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 8:34 p.m.14 views

CVE-2026-43363

A flaw was found in the Linux kernel. When resuming from suspend to RAM s2ram, the system's firmware may incorrectly re-enable x2apic mode, even if the kernel had previously disabled it. This mismatch causes the kernel to operate with an incompatible interface, leading to system hangs and a Denia...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 11:27 a.m.2 views

CVE-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2024/02/17 4:15 a.m.6 views

CVE-2023-31728

Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface...

7CVSS5.8AI score0.00203EPSS
Exploits0References3
OSV
OSV
added 2022/07/15 12:15 p.m.4 views

CVE-2022-30245

Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the...

6.5CVSS5.8AI score0.01233EPSS
Exploits0References3
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.11 views

The name of the function to setup a vesting in the interface IVesting.sol doesn’t match with the name of the function to setup a vesting in StakeCitadelVester.sol.

Lines of code Vulnerability details Impact Users will not be able to withdraw their funds . Proof of Concept When a user wants to withdraw his tokens from StakedCitadel.sol, vesting is supposed to be set and tokens are sent to the vesting contract where they are vested linearly for 21 days. This ...

6.8AI score
Exploits0
Rows per page
Query Builder