Lucene search
K

7307 matches found

Cvelist
Cvelist
added 2026/06/21 6:0 a.m.33 views

CVE-2026-12782 EaseUS Partition Master Kernel Driver EUEDKEPM.sys access control

A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been...

8.5CVSS0.00109EPSS
Exploits0References6
CVE
CVE
added 2026/06/21 6:0 a.m.21 views

CVE-2026-12782

The CVE-2026-12782 entry concerns EaseUS Partition Master (up to 14.5). The affected component is EUEDKEPM.sys (Kernel Driver); a flaw in an unknown function leads to improper access controls. It requires local access to exploit, and an exploit has been publicly released. Impact is described as h...

8.5CVSS6.6AI score0.00109EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/21 5:45 a.m.9 views

EUVD-2026-38146

A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...

8.5CVSS5.3AI score0.00112EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/21 5:45 a.m.7 views

CVE-2026-12781

A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...

8.5CVSS6.5AI score0.00112EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/21 5:45 a.m.35 views

CVE-2026-12781 EaseUS Partition Master Kernel Driver epmntdrv.sys access control

A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly...

8.5CVSS0.00112EPSS
Exploits0References6
CVE
CVE
added 2026/06/21 5:45 a.m.26 views

CVE-2026-12781

CVE-2026-12781 affects EaseUS Partition Master up to 14.5. The flaw is in the kernel driver epmntdrv.sys, in an unknown function, enabling local, low-privilege access to escalate due to improper access control. Exploitation is publicly available and has been demonstrated as a local-facing vulnera...

8.5CVSS6.5AI score0.00112EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/19 7:8 p.m.4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the uncompressed HEIF decoder process. An attacker can cause a crash by supplying a crafted HEIF file that manipulates compressed-unit offsets to trigger an out-of-bounds heap read. Remediation A fix was pushed int...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openssl1.0

The Raccoon attack exploits a flaw in the TLS specification, which allows an attacker to calculate the pre-master secret in connections that use a Diffie-Hellman DH-based ciphersuite. In such cases, the attacker can eavesdrop on all encrypted communications sent over that TLS connection. The atta...

4.3CVSS6.6AI score0.04803EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...

7CVSS6.1AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pnode: terminate at peers of source The propagatemnt function handles mount propagation when creating mounts and propagates the source mount tree @sourcemnt to all applicable nodes of the destination propagation mount tree, heade...

5.5CVSS6AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in xorg-server

A flaw related to out-of-bounds memory access was discovered in the X.Org server. This issue can occur when a device that has been frozen by a sync operation is reattached to a different master device. This issue may result in an application crashing, local privilege escalation if the server runs...

7.8CVSS7.2AI score0.01229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fixed a use-after-free vulnerability in the cdnsi3cmasterprobe function due to race conditions. In the cdnsi3cmasterprobe function, &master-hjwork is bound to cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can cal...

7CVSS6.4AI score0.00214EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/19 9:3 a.m.4 views

WordPress Master Slider plugin <= 3.11.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Master Slider versions = 3.11.2...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/18 4:16 p.m.10 views

CVE-2025-52465

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web pa...

7.2CVSS0.00353EPSS
Exploits0References4
CVE
CVE
added 2026/06/18 2:28 p.m.23 views

CVE-2025-52465

GeoServer has an arbitrary file write vulnerability (CVE-2025-52465) in the Master Password Dump page. Before versions 2.26.4 and 2.27.3, an authenticated administrator with access to GeoServer’s security system can pass an absolute path as the target file name to the Master Password Dump page, c...

7.2CVSS5.4AI score0.00353EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/18 2:28 p.m.16 views

CVE-2025-52465 GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web pa...

7.2CVSS0.00353EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/18 1:15 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References2
Snyk
Snyk
added 2026/06/17 6:44 p.m.3 views

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SSHMSGEXTINFO handler during the initial handshake process. An attacker can cause the client application to become unresponsive by sending a crafted extension count value that triggers an infini...

8.2CVSS7AI score0.00408EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/17 6:22 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the handling of WebSocket message fragments. An attacker can cause unbounded memory growth and...

8.7CVSS5.9AI score0.00759EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/17 2:6 p.m.8 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification through the audio.py file. An attacker can cause excessive memory consumption by...

7.1CVSS5.9AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder