Lucene search
K

1365 matches found

CVE
CVE
added 2026/06/25 1:41 p.m.17 views

CVE-2026-47152

CVE-2026-47152 affects EmberZNet v9.0.2 and earlier. A malformed Level Control Move command (from a device already joined to the network, impacting devices that support the Level Control cluster) can trigger a divide-by-zero fault, terminating the process. Impact is aligned with the CVSS data: hi...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38833

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52965

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

0.00167EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52949

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad "drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure" to the ttmboshrink path. Move delbulkmove from before the backup to...

0.00162EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

The CVE-2026-52965 entry pertains to the Linux kernel DRM/TTM path and fixes an infinite LRU walk during swapout. Specifically, when ttm_tt_swapout() fails, the code previously added the resource to bulk_move and then moved it to the LRU tail, which could place it ahead of the hitch and cause lis...

5.8AI score0.00167EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:28 p.m.10 views

CVE-2026-52949

The CVE-2026-52949 entry affects the Linux kernel DRM/TTM subsystem, specifically the ttm_bo_shrink() path. It describes an infinite LRU walk on backup failure that is fixed by applying the same remedy used for ttm_bo_swapout() (prevents the infinite LRU walk on swapout failure). The patch also c...

5.8AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...

5.9AI score0.00185EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue related to synchronization in amdgpudmabufMoveNotify has been fixed. Invalidating a dmabuf will affect other users of the shared BO. In the scenario where Process A moves the BO, it needs to inform Process B...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51859

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a failure in ttm tt swapout can lead to an infinite loop during the LRU Least Recently Used list walk. This occurs because ttm resource mov...

6AI score0.00167EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51843

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a backup failure can lead to an infinite LRU Least Recently Used walk within the ttm bo shrink function. This occurs because the del bulk...

5.9AI score0.00162EPSS
Exploits0References11
NVD
NVD
added 2026/06/23 6:18 p.m.12 views

CVE-2026-54006

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/eventid/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendar...

4.3CVSS0.00179EPSS
Exploits1References1
CVE
CVE
added 2026/06/20 8:29 a.m.23 views

CVE-2026-12119

The CVE concerns the Simple File List WordPress plugin (≤6.3.7). A missing authorization check on the frontmanage shortcode attribute allows authenticated users with contributor-level access or higher to perform arbitrary file operations (delete, move, folder creation, download). The vulnerabilit...

6.5CVSS6AI score0.00267EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/19 10:55 a.m.33 views

CVE-2026-12706 Ffmpeg: ffmpeg: heap use-after-free read in rasc decoder decode_move()

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS0.00245EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:41 a.m.8 views

CVE-2026-54414

FileRise before 3.16.0 is vulnerable to path traversal in the shared-folder upload endpoint /api/folder/uploadToSharedFolder.php, leading to arbitrary file write and administrator account takeover. The upload filename is validated by FolderController with basename and REGEXFILENAME, which permit...

9.8CVSS6.3AI score0.0072EPSS
Exploits0References4
NVD
NVD
added 2026/06/16 8:16 p.m.11 views

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted...

9.3CVSS0.00446EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 6:40 p.m.31 views

CVE-2026-48777

CVE-2026-48777 — FileBrowser Quantum has a path-traversal in the public share PATCH endpoint. Versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allow an attacker with a public share link that has AllowModify=true to move, copy, or rename files outside the share root by abusing publicPatc...

9.3CVSS5.4AI score0.00446EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/12 8:7 p.m.14 views

TYPO3 CMS: Destructive Actions on File Mount Folders

Problem Non-privileged backend users with file mount access were able to perform write operations move, delete, rename on folders representing the root of an active file mount due to missing authorization restrictions. Solution Update to TYPO3 versions 10.4.57 ELTS, 11.5.51 ELTS, 12.4.46 ELTS,...

7.2CVSS5.2AI score0.00238EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/12 7:32 p.m.13 views

TYPO3 CMS has Broken Access Control in its DataHandler

Problem Backend users were able to move records to a different page without having edit permissions on the source page. Solution Update to TYPO3 versions 13.4.31 LTS, 14.3.3 LTS that fix the problem described. Credits TYPO3 CMS thanks Hyunseo Shin for reporting this issue, and TYPO3 security team...

5.3CVSS5.2AI score0.00238EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/12 7:32 p.m.8 views

GHSA-QCMW-6RM2-5X78 TYPO3 CMS has Broken Access Control in its DataHandler

Problem Backend users were able to move records to a different page without having edit permissions on the source page. Solution Update to TYPO3 versions 13.4.31 LTS, 14.3.3 LTS that fix the problem described. Credits TYPO3 CMS thanks Hyunseo Shin for reporting this issue, and TYPO3 security team...

5.3CVSS5.3AI score0.00238EPSS
Exploits0References7
Rows per page
Query Builder