19534 matches found

Tenable Nessus
added 2026/05/04 12:0 a.m. | 7 views

RHEL 8 : thunderbird (RHSA-2026:13537)

The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13537 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

CVSS 9.8 | AI score 6.1 | EPSS 0.04938
Exploits: 1 | References: 52

GithubExploit
added 2026/05/03 7:22 p.m. | 99 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail Guard text...

CVSS 7.8 | AI score 6.1 | EPSS 0.96775
Exploits: 228

Tenable Nessus
added 2026/05/03 12:0 a.m. | 12 views

AlmaLinux 10 : thunderbird (ALSA-2026:12285)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:12285 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...

CVSS 9.8 | AI score 6 | EPSS 0.04938
Exploits: 1 | References: 27

Tenable Nessus
added 2026/05/02 12:0 a.m. | 18 views

RHEL 10 : thunderbird (RHSA-2026:12285)

The remote Red Hat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:12285 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

CVSS 9.8 | AI score 5.9 | EPSS 0.04938
Exploits: 1 | References: 52

NVD
added 2026/05/01 3:16 p.m. | 6 views

CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drm_compat_ioctl path. The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

CVSS 5.5 | EPSS 0.00123
Exploits: 0 | References: 8

CVE
added 2026/05/01 2:15 p.m. | 11 views

CVE-2026-31781

CVE-2026-31781 concerns the Linux kernel drm/ioc32 compat ioctl path, where a user-controlled pointer was used to index a table of function pointers (spectre-like pattern). The issue is mitigated by applying array_index_nospec on the index to the function-pointer list, as described in the fix. Co...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2026/05/01 2:15 p.m. | 13 views

CVE-2026-31780

In CVE-2026-31780, the Linux kernel wilc1000 Wi-Fi driver is affected by a heap buffer overflow in the SSID scan path. The code accumulates total SSID lengths into a variable declared as u8, allowing up to 330 bytes for 10 SSIDs, but the u8 wrap causes a 75-byte kmalloc allocation followed by a...

CVSS 7.8 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2026/05/01 1:56 p.m. | 39 views

CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

CVSS 8.8 | AI score 5.8 | EPSS 0.00259
Exploits: 0 | References: 19 | Affected Software: 1

CVE
added 2026/05/01 1:0 p.m. | 10 views

CVE-2026-7581

The CVE describes a vulnerability in alexta69 MeTube up to 2026.04.09, affecting the CORS Policy implementation (function on_prepare in app/main.py). The issue results in a permissive cross-domain policy that can interact with untrusted domains and is exploitable remotely. A public exploit is ind...

CVSS 5.3 | AI score 5.3 | EPSS 0.00169
Exploits: 0 | References: 8

GithubExploit
added 2026/05/01 12:52 p.m. | 78 views

Exploit for CVE-2026-31431

Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...

CVSS 7.8 | AI score 5.9 | EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/05/01 5:13 a.m. | 88 views

Exploit for CVE-2026-31431

CVE-2026-31431 Mitigation for Deckhouse Kubernetes Platform...

CVSS 7.8 | AI score 6 | EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/05/01 3:43 a.m. | 124 views

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Ansible Mitigation Recipe !C...

CVSS 7.8 | AI score 5.6 | EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/05/01 1:43 a.m. | 122 views

Exploit for CVE-2026-31431

CVE-2026-31431 / GHSA-2274-3hgr-wxv6 — algif_aead Remediator...

CVSS 7.8 | AI score 6.2 | EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/05/01 1:0 a.m. | 141 views

Exploit for CVE-2026-31431

copy-fail-fix Per-distro mitigation scripts for CVE-2026-314...

CVSS 7.8 | AI score 5.7 | EPSS 0.96775
Exploits: 228

Positive Technologies
added 2026/05/01 12:0 a.m. | 10 views

PT-2026-36292

Name of the Vulnerable Software and Affected Versions SourceCodester Advanced School Management System version 1.0 Description A SQL injection flaw exists in the 'checkEmail' endpoint within the commonController.php file. This issue allows remote attackers to manipulate database queries through a...

CVSS 7.5 | AI score 7.2 | EPSS 0.00259
Exploits: 0 | References: 7

GithubExploit
added 2026/04/30 9:36 p.m. | 76 views

Exploit for CVE-2026-31431

copyfailautopatch Detect and optionally mitigate CVE-2026...

CVSS 7.8 | AI score 5.7 | EPSS 0.96775
Exploits: 228

Ubuntu
added 2026/04/30 3:55 p.m. | 14 views

USN-8226-1: kmod update

It was discovered that the Linux kernel algif_aead module contained a logic flaw allowing a local attacker to escalate privileges to root. This update to the kmod package disables loading the algif_aead module as a measure to mitigate the issue until kernel updates are made available. See the...

CVSS 7.8 | AI score 6.1 | EPSS 0.96775
Exploits: 228 | References: 1

GithubExploit
added 2026/04/30 3:50 p.m. | 112 views

Exploit for CVE-2026-31431

CVE-2026-31431 - Verification and Mitigation Script This repos...

CVSS 7.8 | AI score 5.6 | EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/04/30 3:36 p.m. | 77 views

Exploit for CVE-2026-31431

Copy-Fail-CVE-2026-31431 A proof-of-concept exploit reprodu...

CVSS 7.8 | AI score 6.4 | EPSS 0.96775
Exploits: 228

RedhatCVE
added 2026/04/30 2:46 p.m. | 7 views

CVE-2026-7500

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

CVSS 5.4 | AI score 5.4 | EPSS 0.00232
Exploits: 0 | References: 3