Lucene search
K

1188 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.16 views

PT-2026-42693

Name of the Vulnerable Software and Affected Versions KnpLabs Snappy versions prior to 1.7.1 Description A shell injection issue exists on POSIX systems where the escapeshellarg function returns a string containing single-quote characters. This causes the is executable check to fail, as it search...

7.5CVSS5.9AI score0.00152EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.20 views

PT-2026-42694

Name of the Vulnerable Software and Affected Versions SQLAdmin versions prior to 0.25.1 Description The ajax lookup endpoint in application.py bypasses the is accessible access control check enforced by other endpoints. If a developer restricts model access by overriding is accessible, an...

4.3CVSS5.5AI score0.00279EPSS
Exploits1References15
Snyk
Snyk
added 2026/05/20 3:35 p.m.11 views

Incorrect Authorization

Overview symfony/http-kernel is a Symfony component that provides a structured process for converting a Request into a Response. Affected versions of this package are vulnerable to Incorrect Authorization in the router due to the improper enforcement of IsGranted, IsSignatureValid, and...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References2
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.13 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

8.3CVSS5.8AI score0.00052EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.15 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

8.3CVSS5.8AI score0.00052EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2026/05/20 8:0 a.m.14 views

CVE-2026-45075: HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]

More info at https://symfony.com/cve-2026-45075...

8.3CVSS5.8AI score0.00052EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: exfat: Check if the cluster number is valid. Syzbot reported a slab-out-of-bounds read in exfatclearbitmap. This issue was triggered when the reproducer called truncute with a size of 0, resulting in the following error messag...

7.1CVSS6.4AI score0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bcache: Reverting the change that replaced ISERRORNULL with ISERR. The commit 028ddcac477b “bcache: Removing unnecessary NULL-point checks in node allocations” causes a NULL pointer dereferencing in the cachesetFlush function...

5.5CVSS6.3AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fixed the issue where NULL was compared with ISERR. The devmkzalloc function does not return error pointers; it returns NULL in case of an error. Update the check to match this behavior...

5.5CVSS5.3AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled. The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check whether the .startstreaming operation has been called. It then decides whether t...

5.5CVSS5.6AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Check for a dangling peer via isdead instead of an empty list If all peers are removed using wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list at the beginning of...

7.8CVSS6.4AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a memory leak that occurred when ntfsreadmft failed. When the label ATTRROOT in ntfsreadmft sets isroot = true and ni-niflags |= NIFLAGDIR, the next attribute will go to the label ATTRALLOC, resulting in an...

5.4AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: modpost: fixed an issue where the comparison in isexecutablesection was off by one. The comparison should be set to = to prevent out-of-bounds array access...

5.5CVSS5.3AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fixed the bounds check for sx controls. For sx controls, the semantics of the max field are not the usual one; max represents the number of steps, rather than the maximum value. This means that our check in...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1d8 as critical The pll1d8 clock is enabled by the bootloader, and it is ultimately a parent clock for numerous other clocks, including those used by the APB and AXI buses. Guodong Xu discovered that thi...

5.5CVSS5.3AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: tee: amdtee: fixed an issue where ISERR returned NULL instead of an error pointer. The getfreepages function does not return error pointers; it returns NULL instead. Therefore, this condition needs to be corrected to avoid NUL...

5.5CVSS5.9AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLKISCRITICAL. The AXI crossbar of TH1520 does not have a proper timeout handling mechanism, which means that gating AXI clocks can easily lead to bus timeouts and thus cause the syste...

5.8AI score0.00158EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in symfony

Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. Starting from versions 2.0.0, 5.0.0, and 6.0.0, and before versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension used issafe=html, but they did not actually ensure that their...

6.1CVSS6.8AI score0.00682EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 3:24 p.m.9 views

Malicious Package

Overview is-really-odd is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:4 a.m.11 views

kernel: dm: fix NULL pointer dereference in __dm_suspend()

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...

5.8AI score0.00207EPSS
Exploits0References5
Rows per page
Query Builder