Lucene search
K

230 matches found

EUVD
EUVD
added 2026/05/28 9:36 a.m.15 views

EUVD-2026-32777

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

5.8AI score0.00142EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:36 a.m.39 views

CVE-2026-46150

The CVE-2026-46150 issue affects the Linux kernel fanotify subsystem. It arises because fsnotify_get_mark_safe() may return false for a mark in an unrelated group, bypassing the permission check. The fix patches the logic to skip detached marks that are not in the current group, mitigating the by...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.23 views

PT-2026-44273

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the fanotify system allows the fsnotify get mark safe function to return false for a mark on an unrelated group. This behavior leads to the bypassing of permission checks. The...

7.1CVSS6AI score0.00142EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.27 views

PT-2026-44298

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An inconsistency occurs in the f2fs file system during Foreground Garbage Collection FGGC node block migration. The Garbage Collection process fails to clear the dentry and fsync marks...

9.8CVSS5.9AI score0.03663EPSS
Exploits16References279
Snyk
Snyk
added 2026/05/27 9:41 a.m.13 views

Improper Encoding or Escaping of Output

Overview symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the HtmlSanitizer component that fails to properly detect and strip percent-encoded BiDi...

5.3CVSS5.8AI score0.00025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls...

5.5CVSS6AI score0.00123EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 5:45 a.m.5 views

BIT-JRE-2023-25193

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS6.7AI score0.01812EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.14 views

PT-2026-38795

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS5.8AI score0.01812EPSS
Exploits0References10
OSV
OSV
added 2026/05/07 10:48 a.m.2 views

SUSE-SU-2026:1749-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: - CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. - CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected...

8.8CVSS5.9AI score0.0072EPSS
Exploits2References17
OSV
OSV
added 2026/05/06 2:44 p.m.5 views

BIT-JAVA-MIN-2023-25193

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References9
OSV
OSV
added 2026/05/06 2:43 p.m.3 views

BIT-JAVA-2023-25193

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37774

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS6.8AI score0.01812EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37981

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

7.5CVSS6.7AI score0.01812EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2026:1648-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1648-1 advisory. Update to version 2.52.1. Security issues fixed: - CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy...

8.8CVSS5.9AI score0.0072EPSS
Exploits2References25
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

Andrea ST Filters Service Code Issues and Vulnerabilities

Andrea ST Filters Service is an audio enhancement driver component developed by Andrea Corporation in the United States. Version 1.0.64.7 of Andrea ST Filters Service contains a code vulnerability. This vulnerability stems from the service path in the Windows service configuration that lacks...

8.5CVSS6AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.2 views

MiracleLinux 8 : harfbuzz-1.7.5-4.el8 (AXSA:2024-8252:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8252:02 advisory. harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 Tenable has extracted the preceding description block directly from th...

7.5CVSS8.4AI score0.01812EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : harfbuzz-1.7.5-2.0.1.el7.AXS7 (AXSA:2024-8760:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8760:03 advisory. CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh CVEs: CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through...

7.5CVSS8.4AI score0.01812EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/10 12:30 a.m.6 views

EUVD-2025-206271

Details On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different...

3.5CVSS6.3AI score0.00196EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:34 a.m.6 views

CVE-2024-41243

An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...

5.3CVSS7.1AI score0.00514EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.6 views

PT-2025-53453

Name of the Vulnerable Software and Affected Versions Eaton UPS Companion affected versions not specified Description A flaw exists in the Eaton UPS Companion software installer related to improper handling of quotation marks in search paths. This could allow an attacker with file system access t...

6.7CVSS6.8AI score0.00192EPSS
Exploits0References8
Rows per page
Query Builder