Lucene search
+L

4600 matches found

nvd
nvd
added 2026/07/06 9:16 p.m.7 views

CVE-2026-25271

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use...

7.8CVSS0.00052EPSS
Exploits0References1
euvd
euvd
added 2026/07/06 8:9 p.m.4 views

EUVD-2026-41933

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use...

7.8CVSS6AI score0.00052EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/06 8:9 p.m.6 views

CVE-2026-25271

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use...

7.8CVSS6AI score0.00052EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.11 views

PT-2026-55995

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description Memory corruption occurs when processing asynchronous input parameters. This is caused by a Time-of-Check to Time-of-Use TOCTOU race condition, where values are...

7.8CVSS6.1AI score0.00052EPSS
Exploits0References4
osv
osv
added 2026/06/26 8:17 p.m.4 views

DEBIAN-CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
osv
osv
added 2026/06/26 8:17 p.m.3 views

UBUNTU-CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7
debiancve
debiancve
added 2026/06/26 7:41 p.m.7 views

CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0
euvd
euvd
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39852

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00114EPSS
Exploits0References4
euvd
euvd
added 2026/06/26 12:32 a.m.8 views

EUVD-2025-210344

picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...

8.1CVSS6.1AI score0.003EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.12 views

PT-2026-52956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A firmware crash occurs in the mt7921 wifi driver when a station is configured with an Association Identifier AID greater than 20. This issue specifically affects IFTYPE AP interfaces an...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References18
cvelist
cvelist
added 2026/06/25 9:41 p.m.29 views

CVE-2025-71340 picklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode

picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...

8.1CVSS0.003EPSS
Exploits0References2
snyk
snyk
added 2026/06/21 3:12 p.m.4 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the runcommand function of idlelib.pyshell.ModifiedInterpreter when handling pickle files in reduce method...

9.6CVSS6.2AI score0.00276EPSS
Exploits1References2
nvd
nvd
added 2026/06/21 2:16 p.m.12 views

CVE-2025-71357

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS0.00276EPSS
Exploits1References2
cvelist
cvelist
added 2026/06/21 1:26 p.m.32 views

CVE-2025-71357 picklescan - Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS0.00276EPSS
Exploits1References2
osv
osv
added 2026/06/21 1:26 p.m.4 views

CVE-2025-71357 picklescan - Arbitrary Code Execution via Undetected idlelib.pyshell.ModifiedInterpreter.runcommand

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

7.6CVSS6.1AI score0.00276EPSS
Exploits1References4
cve
cve
added 2026/06/16 5:53 p.m.39 views

CVE-2026-48775

LangGraph SQLite Checkpoint (JsonPlusSerializer) is vulnerable in 4.1.0 and earlier due to unsafe deserialization of JSON checkpoint payloads. If an unauthorized party can modify checkpoint bytes at rest in the backing store, the deserialization path could reconstruct objects beyond what the appl...

6.8CVSS6AI score0.00232EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/06/05 7:46 p.m.12 views

CVE-2026-33449

CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a denial of service...

7.5CVSS5.8AI score0.00235EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:23 p.m.10 views

CVE-2026-35593

Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, allowing an authenticated attacker to read sensitive arbitrary files from the server's filesystem. T...

6.8CVSS6.3AI score0.00621EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40950

CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/27 7:23 p.m.12 views

CVE-2026-44590 Sherlock: Command Injection via pull_request_target in validate_modified_targets.yml

Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validatemodifiedtargets.yml is vulnerable to command injection via the pullrequesttarget trigger. Any GitHub user can execute arbitrary commands on the CI runner and exfiltra...

9.3CVSS6.1AI score0.01141EPSS
Exploits1References1
Rows per page
Query Builder