Lucene search
K

76421 matches found

GithubExploit
GithubExploit
added 1 hour ago10 views

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

PACKETEDITMEME - CVE-2026-46331 net/sched actpedit parti...

7.8CVSS6.5AI score0.00321EPSS
Exploits11
GithubExploit
GithubExploit
added 2 hours ago8 views

Exploit for CVE-2026-29116

CVE-2026-29116 — Dahua Unauthenticated Remote Denial of Servic...

8.7CVSS6.9AI score0.00395EPSS
Exploits3
Positive Technologies
Positive Technologies
added 8 hours ago3 views

PT-2026-57393

The Booking Package plugin for WordPress is vulnerable to generic SQL Injection via 'email' Form Parameter form in all versions up to, and including, 1.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

7.5CVSS6.1AI score
Exploits0References11
NVD
NVD
added yesterday5 views

CVE-2026-54736

Phalcon is a high-performance, full-stack PHP framework. Prior to 5.14.1, Phalcon\Encryption\Crypt::decrypt compares the attacker-supplied HMAC tag against the freshly computed HMAC using PHP/Zephir identity comparison, which lowers to a byte-wise comparison that returns early on the first...

8.2CVSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday3 views

Malicious code in @jaymara/jsononifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ade6fb9a07c6f1417e9569af48b6c638bf12fba7540493b1b38a2d6ba42d101c @jaymara/[email protected] is advertised as a JSON formatting utility but ships a covert command-execution primitive that fires on require. index.js...

6.1AI score
Exploits0References3
NVD
NVD
added yesterday4 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

Exploits0References1
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-57158

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. FreeRDP clients using the Graphics GFX pipeline are vulnerable to an out-of-bounds read. A malicious RDP server can exploit this by sending a specially crafted, truncated RDPGFXCMDIDWIRETOSURFACE1 planar payloa...

5.4CVSS6AI score
Exploits0References7
EUVD
EUVD
added yesterday3 views

EUVD-2026-43097

Phalcon is a high-performance, full-stack PHP framework. Prior to 5.14.1, Phalcon\Encryption\Crypt::decrypt compares the attacker-supplied HMAC tag against the freshly computed HMAC using PHP/Zephir identity comparison, which lowers to a byte-wise comparison that returns early on the first...

8.2CVSS6.1AI score
Exploits0References5
Cvelist
Cvelist
added yesterday8 views

CVE-2026-54736 Phalcon: Non-constant-time HMAC verification in `Encryption\Crypt::decrypt` (timing side-channel)

Phalcon is a high-performance, full-stack PHP framework. Prior to 5.14.1, Phalcon\Encryption\Crypt::decrypt compares the attacker-supplied HMAC tag against the freshly computed HMAC using PHP/Zephir identity comparison, which lowers to a byte-wise comparison that returns early on the first...

8.2CVSS
Exploits0References5
CVE
CVE
added yesterday3 views

CVE-2026-54736

Technical details (affected versions, root cause specifics, and remediation beyond what is in the Initial Description) are not publicly available in the provided documents; monitor for updates.

8.2CVSS6.1AI score
Exploits0References5
Cvelist
Cvelist
added yesterday9 views

CVE-2026-7639 GPU DDK - Page UAF read in PMMETA_PROTECT heap memory

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-43037

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

6.1AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-7639

CVE-2026-7639 affects the GPU DDK driver (PMMETA_PROTECT heap) where a non-privileged user can trigger a sequence of improper GPU system calls and a faulty MMU mapping path, leading to a use-after-free and incomplete cleanup of internal driver state. This may allow future unauthorized access to c...

6.1AI score
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57158

FreeRDP is a free implementation of the Remote Desktop Protocol. From 3.21.0 before 3.28.0, FreeRDP clients using the GFX pipeline contain an incomplete fix for CVE-2026-23530 in planardecompressplanerleonly in libfreerdp/codec/planar.c, allowing a malicious RDP server to send a truncated...

5.1CVSS
Exploits0References4
NVD
NVD
added yesterday5 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS
Exploits0References6
Vulnrichment
Vulnrichment
added yesterday3 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-43006

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score
Exploits0References6
Cvelist
Cvelist
added yesterday8 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS
Exploits0References6
CVE
CVE
added yesterday8 views

CVE-2026-57157

FreeRDP (server implementations with the MS-RDPECAM camera device enumerator channel enabled) is affected prior to 3.28.0. Attackers can cause a 1- to 2-byte out-of-bounds heap read by scanning attacker-supplied DeviceName and VirtualChannelName fields and dereferencing beyond the scanned bound i...

6.5CVSS6.1AI score
Exploits0References6
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score
Exploits0
Rows per page
Query Builder