Lucene search
K

120 matches found

CVE
CVE
added 5 days ago25 views

CVE-2026-14345

The CVE-2026-14345 entry concerns the WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell (WordPress plugin). Affected versions up to and including 3.12.7 are vulnerable to Remote Code Execution via the postData parameter. The root cause is an unsanitized write of attacker...

9.8CVSS6.3AI score0.00745EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.26 views

CVE-2026-53069 net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master

In the Linux kernel, the following vulnerability has been resolved: net, bpf: fix null-ptr-deref in xdpmasterredirect for down master syzkaller reported a kernel panic in bondrrgenslaveid reached via xdpmasterredirect. Full decoded trace: https://syzkaller.appspot.com/bug?extid=80e046b8da2820b6ba...

7.5CVSS0.00385EPSS
Exploits0References7
NVD
NVD
added 2026/06/09 6:16 p.m.16 views

CVE-2026-34706

InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00139EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.10 views

SUSE CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5CVSS5.5AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Adobe Substance3D Sampler 缓冲区错误漏洞

Adobe Substance3D Sampler is a rendering software for 3D scenes developed by Adobe Inc. Versions of Adobe Substance3D Sampler 6.0.0 and earlier contain a buffer error vulnerability. This vulnerability stems from an out-of-bounds write vulnerability, which could allow arbitrary code to be executed...

7.8CVSS6AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 5:16 p.m.18 views

CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 5:16 p.m.8 views

UBUNTU-CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

4.8CVSS5.3AI score0.001EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/08 3:46 p.m.11 views

EUVD-2026-35167

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5AI score0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A flaw in the SELinux component allows only a single open of the '/sys/fs/selinux/policy' endpoint at any time. This...

9.1CVSS5.4AI score0.00457EPSS
Exploits1References61
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-34661

Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00138EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the handling of cached open files in the nfsd4open code path. The commit fb70bf124b05 “NFSD: Instantiate a struct file when creating a regular NFSv4 file” added the ability to cache an open file descriptor across...

4.7CVSS6AI score0.00235EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/04/29 12:11 a.m.10 views

USN-8221-1: wheel vulnerability

It was discovered that wheel did not correctly handle certain file paths. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code...

7.1CVSS7.2AI score0.00311EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32903

Bridge | Heap-based Buffer Overflow CWE-122 CVE: CVE-2026-27310 PT ID: PT-2026-32903 Vendor: Adobe Product: Bridge CVSS: 7.8 Credits: n/a Description: Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio...

7.8CVSS6.3AI score0.00254EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/13 3:0 a.m.11 views

nodejs: Node.js: Permission bypass allows unauthorized modification of file permissions and ownership via incomplete security fix.

A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied...

3.3CVSS6.2AI score0.00159EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/11 3:30 a.m.5 views

EUVD-2026-21635

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.6AI score0.00651EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.6 views

CVE-2026-35584

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, the endpoint GET /thread/read/conversationid/threadid does not require authentication and does not validate whether the given threadid belongs to the given conversationid. This allows any...

6.9CVSS6AI score0.00304EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 4:7 p.m.6 views

CVE-2026-35584

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, the endpoint GET /thread/read/conversationid/threadid does not require authentication and does not validate whether the given threadid belongs to the given conversationid. This allows any...

6.9CVSS6AI score0.00304EPSS
Exploits2References2Affected Software1
EUVD
EUVD
added 2026/04/07 4:7 p.m.7 views

EUVD-2026-19734

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, the endpoint GET /thread/read/conversationid/threadid does not require authentication and does not validate whether the given threadid belongs to the given conversationid. This allows any...

6.9CVSS6AI score0.00304EPSS
Exploits2References1
EUVD
EUVD
added 2026/03/17 6:30 p.m.3 views

EUVD-2026-12600

The GL-iNet Comet GL-RM1 KVM does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...

7CVSS5.8AI score0.00332EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/11 12:31 a.m.5 views

EUVD-2026-10942

Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00141EPSS
Exploits0References2
Rows per page
Query Builder