Lucene search
K

4557 matches found

Nuclei
Nuclei
added 13 hours ago48 views

OX Appsuite - Cross-Site Scripting

OX App Suite through 7.10.4 allows XSS via the app loading mechanism the PATHINFO to the /appsuite URI. id: CVE-2020-24701 info: name: OX Appsuite - Cross-Site Scripting author: DhiyaneshDk severity: medium description: | OX App Suite through 7.10.4 allows XSS via the app loading mechanism the...

6.1CVSS6.4AI score0.06788EPSS
Exploits3References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-58015

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS5.9AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-40318

A flaw was found in GLib. The D-Bus client-side implementation of the DBUSCOOKIESHA1 SASL authentication mechanism does not validate the cookiecontext parameter received from the server. A malicious D-Bus server can supply a cookiecontext containing path traversal sequences, causing the client to...

5.9CVSS5.9AI score
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-48800

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag text content inside in shortcuts.xml is read by NppXml::valueaNode Parameters.cpp:3658 in the feedUserCmds function and stored in UserCommand.cmd without any validation. When the user clicks the corresponding entry ...

7.8CVSS0.0036EPSS
Exploits3References2
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39360

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 4:30 p.m.13 views

CVE-2026-53091

The CVE-2026-53091 issue concerns the Linux kernel’s handling of GSO packet headers during qdisc_pkt_len_segs_init(). The root cause is that many ndo_start_xmit() paths assume headers are already in skb->head, while tso_build_hdr() may copy from skb->data, and qdisc_pkt_len_segs_init() diss...

8.4CVSS5.8AI score0.00123EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.27 views

CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...

7.8CVSS0.00129EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.8 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.8)

The version of AOS installed on the remote host is prior to 7.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.8 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a deni...

9.8CVSS6.9AI score0.00754EPSS
Exploits2References25
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed the NULL domain on device release. In the kdump kernel, the IOMMU operates in deferredattach mode. In this mode, info-domain may not yet be assigned by the time the releasedevice function is called. This leads t...

5.5CVSS5.3AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fixed a memory leak in amdpmcstbdebugfsopenv2. The function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism is enabled. When amdpmcsendcmd fails, the ‘buf’ variable needs to be released...

6.1AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fixed a memory leak in nfcmrvlplaydeferred. Similar to the handling of playdeferred in commit 19cfe912c37b “Bluetooth: btusb: Fixed a memory leak in playdeferred”, we thought a patch might be necessary here as well...

5.5CVSS5.7AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Use callrcu to free endpoints This patch delays the endpoint freeing process by calling callrcu, in order to address another use-after-free issue in sctpsockdump: BUG: KASAN: Use-after-free in lockacquire+0x36d9/0x4c20...

5.5CVSS6.3AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. However, these...

7.8CVSS6.7AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in edk2

EDK2 contains a vulnerability in the BIOS, where an attacker can cause a “Protection Mechanism Failure” through local access. Successful exploitation of this vulnerability will lead to the execution of arbitrary code, compromising Confidentiality, Integrity, and Availability...

7CVSS6.5AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ variable failed. There is one issue that arises during fault injection tests: An unreferenced object with a size of 512 bytes: bash comm "insmod", pid 308021,...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the mech token during session setup. If a client sends an invalid mech token in a session setup request, ksmbd validates it and reports an error if the token is invalid...

7.1CVSS5.7AI score0.78388EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osdfault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...

7.5CVSS5.7AI score0.0028EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.14 views

Security Updates for Microsoft Office Products (June 2026) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the june-16-2026 advisory. - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824,...

8.4CVSS7.5AI score0.00629EPSS
Exploits0References27
Cvelist
Cvelist
added 2026/06/15 3:30 a.m.34 views

CVE-2026-12214 Qihoo 360 Total Security Nucleus Engine Monitoring Logic RpcStringBindingComposeW protection mechanism

A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack require...

8.5CVSS0.00124EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : memcached (SUSE-SU-2026:2293-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2293-1 advisory. This update for memcached fixes the following issues - CVE-2026-47783: timing side-channel in SASL password database authentication...

8.1CVSS5.4AI score0.01312EPSS
Exploits0References7
Rows per page
Query Builder