Lucene search
K

268 matches found

EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27705

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix invalid loaded resource table detection imxrprocelffindloadedrsctable may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree contains a...

5.7AI score0.00122EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:27 a.m.19 views

CVE-2026-43145

The CVE-2026-43145 issue is in the Linux kernel remoteproc imx_rproc driver. The function imx_rproc_elf_find_loaded_rsc_table() could incorrectly report a loaded resource table when the firmware provided no resource table, because it returning priv->rsc_table even if rproc->table_ptr was NU...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 7:45 a.m.4 views

CVE-2026-4139

The mCatFilter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.5.2. This is due to the complete absence of nonce verification and capability checks in the computepost function, which processes settings updates. The computepost function is...

4.3CVSS5.7AI score0.00165EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013842)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013842 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix validation of VF state in get resources VF state I40EVFSTATEACTIVE is not the only stat...

6.8AI score0.00193EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011410)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011410 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix validation of VF state in get resources VF state I40EVFSTATEACTIVE is not the only stat...

6.8AI score0.00193EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/01 6:18 a.m.4 views

CVE-2026-4748

A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...

5.9AI score0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/01 6:18 a.m.7 views

CVE-2026-4748 pf silently ignores certain rules

A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is actually loaded into pf. Ranges expressed using the...

5.9AI score0.0025EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/26 8:6 a.m.5 views

bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded

...

7.1CVSS5.8AI score0.00123EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23310

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program incompatible via bondxdpcheck. However, bondoptionxmithashpolicyset has ...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/03/25 6:18 a.m.212 views

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-30051 — Windows DWM Heap Overflow EoP · Master's Thes...

7.8CVSS8AI score0.05687EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2026/03/25 12:0 a.m.3 views

FreeBSD Security Advisory - FreeBSD-SA-26:09.pf

FreeBSD Security Advisory - pf silently ignores certain rules. A regression in the way hashes were calculated caused rules containing the address range syntax x.x.x.x - y.y.y.y that only differ in the address ranges involved to be silently dropped as duplicates. Only the first of such rules is...

5.8AI score0.0025EPSS
Exploits0
Patchstack
Patchstack
added 2026/03/22 10:11 p.m.5 views

WordPress Autoptimize plugin <= 3.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Lazy-loaded Image Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Lazy-loaded Image Attributes vulnerability discovered by stealthcopter in WordPress Plugin Autoptimize versions = 3.1.14...

6.4CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005540 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journalreset...

5.5CVSS6.7AI score0.00249EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.9 views

Vivo SmartRemote 安全漏洞

Vivo SmartRemote is a mobile remote control app developed by the Chinese company Vivo. There is a security vulnerability in Vivo SmartRemote, which stems from insufficient restrictions on loaded URLs, potentially leading to information leakage...

7.1CVSS5.8AI score0.0025EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 2:58 p.m.26 views

CVE-2025-71242

SPIP exposes an Authorization Bypass in private content disclosure for versions prior to 4.3.6, including 4.2.17 and 4.1.20. The flaw occurs when SPIP displays article and rubrique content in AJAX-loaded fragments without proper authorization checks, enabling an authenticated attacker to access r...

6.5CVSS5.6AI score0.00245EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: i40e: fixed the validation of VF state in the get resources function. The state I40EVFSTATEACTIVE is not the only state in which a VF is actually active. Therefore, it should not be used to determine whether a VF is allowed to...

6.2AI score0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-27675

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the bonding driver where changes to the xmit hash policy to vlan+srcmac are not properly restricted when an XDP program is loaded. Specifically, the...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References76
Packet Storm News
Packet Storm News
added 2025/12/25 12:0 a.m.6 views

A Statistical Side-Channel Risk Model for Timing Variability in Lattice-Based Post-Quantum Cryptography

Timing side-channels are an important threat to cryptography that still needs to be addressed in implementations, and the advent of post-quantum cryptography raises this issue because the lattice-based schemes may produce secret-dependent timing variability with the help of complex arithmetic and...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.8 views

PT-2025-52434

A stored cross-site scripting XSS vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud pdfonline.foxit.com. The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result,...

6.3CVSS5.6AI score0.0015EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/11 6:3 a.m.7 views

CVE-2025-66572

Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter...

6.9CVSS8AI score0.00423EPSS
Exploits0References1
Rows per page
Query Builder