Lucene search
+L

340 matches found

OSV
OSV
added 2026/07/02 2:13 p.m.3 views

PYSEC-2026-686 OpenStack Neutron Race Condition vulnerability

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

5.9CVSS5.9AI score0.01847EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/06/22 12:47 p.m.33 views

CVE-2026-7166 Multiple vulnerabilities in the Assassin game by Gaudire

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on...

9.2CVSS0.00384EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51318

Vulnerability involving the exposure of sensitive data provided without adequate protection. The API exposes email and phone number data from the ‘email’ and ‘telefon’ fields. This vulnerability is also present in the local database, as it contains accessible sensitive information such as data on...

9.2CVSS5.9AI score0.00384EPSS
Exploits0References2
Wired Threat Level
Wired Threat Level
added 2026/06/02 10:0 a.m.8 views

The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests

The right-wing think tank is actively pushing “civil terrorism”—increasing penalties for minor crimes committed while people engage in constitutionally protected free speech...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/21 8:14 a.m.8 views

CVE-2026-44075 Missing break in DSI OpenSession

A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a DSIOPTATTNQUANT switch case to fall through into DSIOPTSERVQUANT, resulting in unintended session option handling that may allow a remote attacker to cause a minor service disruption via crafted DSI...

3.7CVSS5.8AI score0.00329EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: serial: liteuart: fix minor-number leak on probe errors Be sure to release the allocated minor number before returning on probe errors...

5.5CVSS5.1AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Misc: ocxl: Fixed a possible double-free in ocxlfileregisterafu. The inforelease function will be called in deviceunregister when the reference count of info-dev is 0. Therefore, there is no need to call ocxlafuput and kfree agai...

7.8CVSS6.2AI score0.0026EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The maximum minor value is set to blkallocextminor. The function idaallocrange..., with arguments min, max..., returns values ranging from min to max, including both ends. Therefore, NREXTDEVT is a valid index returned by...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: hso: Fix null-ptr-deref during tty device unregistration Multiple tty devices attempt to claim the same minor number, resulting in a double unregistration of the same device. The first unregistration succeeds, but the next...

5.5CVSS6.2AI score0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: uio: Fixed a use-after-free in uioopen. core-1 core-2 ------------------------------------------------------- uiounregisterdevice uioopen idev = idrfind deviceunregister&idev-dev putdevice&idev-dev uiodevicerelease...

7.8CVSS6.3AI score0.00299EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/18 1:22 p.m.13 views

SUSE CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6.1AI score0.00287EPSS
Exploits0References10
OSV
OSV
added 2026/05/14 2:16 p.m.21 views

ALPINE-CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6.1AI score0.00287EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 2:16 p.m.7 views

UBUNTU-CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6.1AI score0.00287EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/14 1:0 p.m.6 views

CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7CVSS6.1AI score0.0018EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/14 1:0 p.m.15 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/14 1:0 p.m.10 views

CVE-2026-6476 PostgreSQL pg_createsubscriber allows SQL injection via subscription name

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS6.1AI score0.00287EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 1:0 p.m.45 views

CVE-2026-6476 PostgreSQL pg_createsubscriber allows SQL injection via subscription name

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

7.2CVSS0.00287EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/04/23 7:57 a.m.12 views

Roblox clamps down on chats and age checks as legal pressure builds

Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total is climbing fast. On April 21, Alabama Attorney General Steve Marshall announced a $12.2 million settlement with the child-focused online gaming...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.11 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013057)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013057 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the...

5.6AI score0.00193EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011317 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the...

5.6AI score0.00193EPSS
Exploits0References4
Rows per page
Query Builder