Lucene search
+L

54 matches found

ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.10 views

PT-2026-57028

Name of the Vulnerable Software and Affected Versions YesWiki versions 4.6.2 through 4.6.5 Description An authentication bypass exists in the ActivityPub implementation due to the incorrect handling of the return value from the openssl verify function in HttpSignatureService::verifySignature. The...

8.2CVSS6.1AI score0.00022EPSS
Exploits0References5
osv
osv
added 2026/07/07 8:29 p.m.7 views

CVE-2026-53730 DataEase: Unauthorized Access to Engine Database via previewSql Endpoint

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/datasetData/previewSql endpoint lacks the mandatory @DePermit permission validation annotation, allowing any authenticated user to specify datasourceId=-1, access the built-in engine database, execute...

8.7CVSS6.2AI score0.00235EPSS
Exploits0References4
euvd
euvd
added 2026/07/06 7:55 p.m.6 views

EUVD-2026-25017

kill: 'kill -1' parsed as PID -1, sending SIGTERM to all processes system crash / DoS...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References5
euvd
euvd
added 2026/05/28 9:36 a.m.10 views

EUVD-2026-32788

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

5.8AI score0.00128EPSS
Exploits0References5
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an incorrect match in devargsmatchdevice. Syzkaller discovered a failed assertion: “Assertion failed: args-devid != u64-1 || args-missing”, in fs/btrfs/volumes.c:6921. This issue can occur when we set devid to u64-1...

5.5CVSS5.8AI score0.00167EPSS
Exploits0References1
nvd
nvd
added 2026/05/11 6:16 p.m.21 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2CVSS0.00158EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/05/11 5:20 p.m.17 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References2Affected Software1
alpinelinux
alpinelinux
added 2026/05/11 5:20 p.m.12 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References1
exploitdb
exploitdb
added 2026/04/30 12:0 a.m.89 views

Windows 11 25H2 - Heap Overflow

Exploit Title: Windows 11 25H2 - Heap Overflow Ghost Patch Exploit Framework Date: 2026-02-13 Exploit Author: nu11secur1ty Vendor Homepage: https://www.microsoft.com Software Link: https://www.microsoft.com/software-download/windows11 Version: Windows 11 25H2 Build 26200.7830 Vulnerable Tested on...

7.3CVSS5.2AI score0.01243EPSS
Exploits1
cve
cve
added 2026/04/24 2:35 p.m.16 views

CVE-2026-31569

The CVE-2026-31569 issue affects the Linux kernel’s LoongArch KVM path, where EIOINTC's coremap can be empty in eiointc_update_sw_coremap(), causing an out-of-bounds access to kvm_arch::phyid_map::phys_map[]. The described impact is system instability or a crash, with potential information disclo...

7.3CVSS5.4AI score0.0012EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/04/22 6:31 p.m.6 views

GHSA-GPCG-H6X2-C26P Duplicate Advisory: uutils coreutils has an Improper Input Validation issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References5
nvd
nvd
added 2026/04/22 5:16 p.m.5 views

CVE-2026-35369

An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send the default signal SIGTERM to PID -1. Sending a signal to PID -1 causes the kernel to terminate all processes visible to the caller, potentially leading to a system crash or massi...

5.5CVSS0.00128EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/22 4:8 p.m.4 views

CVE-2026-35369 uutils coreutils kill System-wide Process Termination and Denial of Service via Argument Misinterpretation

An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send the default signal SIGTERM to PID -1. Sending a signal to PID -1 causes the kernel to terminate all processes visible to the caller, potentially leading to a system crash or massi...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
osv
osv
added 2026/04/22 4:8 p.m.3 views

CVE-2026-35369 uutils coreutils kill System-wide Process Termination and Denial of Service via Argument Misinterpretation

An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send the default signal SIGTERM to PID -1. Sending a signal to PID -1 causes the kernel to terminate all processes visible to the caller, potentially leading to a system crash or massi...

5.5CVSS6AI score0.00128EPSS
Exploits0References6
nessus
nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send the default signal SIGTERM to PID -1...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/03/18 12:0 a.m.5 views

Defending the Power Grid by Segmenting the EV Charging Cyber Infrastructure

This paper examines defending the power grid against load-altering attacks using electric vehicle charging. It proposes to preventively segment the cyber infrastructure that charging station operators CSOs use to communicate with and control their charging stations, thereby limiting the impact of...

5.7AI score
Exploits0
redhat
redhat
added 2026/02/02 9:30 a.m.8 views

kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...

7.8CVSS5.6AI score0.00154EPSS
Exploits0References5
cnnvd
cnnvd
added 2025/12/30 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from setting sizeshift to -1 when masking an erase type, which could result in an out-of-bounds shift...

6.1AI score0.00168EPSS
Exploits0References6
susecve
susecve
added 2025/12/25 12:24 a.m.3 views

SUSE CVE-2025-68352

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

5.5CVSS6.8AI score0.00168EPSS
Exploits0References7
euvd
euvd
added 2025/12/24 12:30 p.m.5 views

EUVD-2025-205102

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

6.3AI score0.00168EPSS
Exploits0References5
Rows per page
Query Builder