Lucene search
K

1130 matches found

Snyk
Snyk
added 2026/06/19 8:47 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the parsermark. An attacker can cause a segmentation fault and potentially crash the application by triggering garbage collection after assigning a custom class to arrayclass or hashclass and before parsing, leading to...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A bug in markbufferdirty was fixed, as it sometimes generates a warning due to the forced discard of reused buffers. A syzbot stress test using a corrupted disk image revealed that markbufferdirty called from nilfsmark...

6AI score0.00195EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fixed a NULL pointer dereference in pnfsmarkmatchinglsegsreturn. The commit de144ff4234f fixes the issue by changing pnfsreturnlayout to call pnfsmarkmatchinglsegsreturn, with NULL passed as the argument to the...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 7:16 p.m.14 views

CVE-2026-42932

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS0.00233EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 6:17 p.m.9 views

CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS5.2AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:17 p.m.11 views

EUVD-2026-36532

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS5.2AI score0.00233EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 6:17 p.m.30 views

CVE-2026-42932 Naxclow IoT Platform Generation of Predictable Numbers or Identifiers

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS0.00233EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48952

Naxclow device identifiers use fixed manufacturing prefixes combined with sequential counters, producing a fully predictable and enumerable identifier space. Because the platform also exposes an endpoint that reveals the current identifier high-water mark, the active fleet can be enumerated...

6.9CVSS5.2AI score0.00233EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.7 views

CVE-2026-45595

Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...

5.4CVSS5.4AI score0.00423EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 7:17 p.m.11 views

CVE-2026-36805

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00309EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.11 views

CVE-2026-45595

Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...

5.4CVSS0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.32 views

CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability

...

5.4CVSS0.00423EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 5:5 p.m.10 views

CVE-2026-45595 Windows Mark of the Web Security Feature Bypass Vulnerability

...

5.4CVSS5.4AI score0.00423EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:5 p.m.9 views

EUVD-2026-35554

Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...

5.4CVSS5.4AI score0.00423EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:5 p.m.35 views

CVE-2026-45595

Technical details about CVE-2026-45595 are not publicly available in the provided documents. Monitor for updates about affected components, root cause, and remediation.

5.4CVSS5.5AI score0.00423EPSS
Exploits0References1Affected Software13
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Windows Mark of the Web Security Feature Bypass Vulnerability

Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...

5.4CVSS5.4AI score0.00423EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-47984

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A failure in the Mark of the Web MOTW protection mechanism allows an unauthorized attacker to bypass a security feature over a network, which can affect the system. Recommendations At the...

5.4CVSS5.4AI score0.00423EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Microsoft Windows Mark of the Web (MOTW) 处理逻辑错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Mark of the Web MOTW. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are...

5.4CVSS5.8AI score0.00423EPSS
Exploits0References1
HackRead
HackRead
added 2026/06/08 10:17 a.m.18 views

Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users

Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.11 views

CVE-2025-15565

The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in all versions up to, and including, 8.3.0. This makes it possible for unauthenticated attackers to mark pending WooCommerce orders as paid/completed...

5.3CVSS5.5AI score0.00189EPSS
Exploits0References1
Rows per page
Query Builder