Lucene search
+L

605 matches found

debiancve
debiancve
added 2026/04/24 2:42 p.m.11 views

CVE-2026-31626

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...

7.1CVSS5.2AI score0.00288EPSS
Exploits0
cvelist
cvelist
added 2026/04/24 2:42 p.m.80 views

CVE-2026-31626 staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...

7.1CVSS0.00288EPSS
Exploits0References9
osv
osv
added 2026/04/24 2:42 p.m.1 views

CVE-2026-31626 staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...

7.1CVSS5.8AI score0.00288EPSS
Exploits0References12
osv
osv
added 2026/04/23 7:45 p.m.4 views

CVE-2026-25874 LeRobot Unsafe Deserialization Remote Code Execution via gRPC

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...

9.3CVSS7.9AI score0.15547EPSS
Exploits1References8
suse
suse
added 2026/04/09 7:4 p.m.5 views

Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...

8.7CVSS6.7AI score0.00344EPSS
Exploits7References32
susecve
susecve
added 2026/04/07 11:26 p.m.4 views

SUSE CVE-2026-31053

A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

6.2CVSS5.8AI score0.00149EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/04/07 5:12 a.m.7 views

CVE-2026-31053

A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

6.2CVSS5.8AI score0.00149EPSS
Exploits1References1
nvd
nvd
added 2026/04/06 3:17 p.m.5 views

CVE-2026-31053

A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

6.2CVSS0.00149EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/04/06 12:0 a.m.3 views

CVE-2026-31053

A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

5.8AI score0.00149EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/04/06 12:0 a.m.5 views

PT-2026-30615

A double free vulnerability exists in librz/bin/format/le/le.c in the function le load fixup record. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...

5.8AI score0.00149EPSS
Exploits1References3
euvd
euvd
added 2026/03/24 9:31 p.m.6 views

EUVD-2026-14949

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...

5.9AI score0.00171EPSS
Exploits0References3
nvd
nvd
added 2026/03/24 7:16 p.m.6 views

CVE-2026-1995

IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...

7.8CVSS0.00171EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/24 12:0 a.m.9 views

PT-2026-27472

Name of the Vulnerable Software and Affected Versions IDrive versions affected versions not specified Description The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as...

7.8CVSS5.9AI score0.00171EPSS
Exploits0References13
euvd
euvd
added 2026/03/05 6:30 a.m.5 views

EUVD-2026-9729

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References2
nvd
nvd
added 2026/03/05 6:16 a.m.8 views

CVE-2026-28069

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

8.1CVSS0.00403EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/05 5:54 a.m.33 views

CVE-2026-28069 WordPress Le Truffe theme <= 1.1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

8.1CVSS0.00403EPSS
Exploits0References1
cve
cve
added 2026/03/05 5:54 a.m.11 views

CVE-2026-28069

CVE-2026-28069 is a Local File Inclusion vulnerability in the WordPress theme Le Truffe (≤ 1.1.7) stemming from improper control of filename for include/require statements in PHP. The issue allows PHP Local File Inclusion and has a high overall impact (CVSS v3.1: 8.1, High; network attack vector,...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/05 5:54 a.m.3 views

CVE-2026-28069 WordPress Le Truffe theme <= 1.1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/03/05 12:0 a.m.4 views

PT-2026-23349

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

5.9AI score0.00403EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Le Truffe 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder