Lucene search
K

451 matches found

EUVD
EUVD
added 2026/06/09 5:43 p.m.12 views

EUVD-2026-35783

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 5:49 p.m.33 views

CVE-2026-49492

The CVE-2026-49492 entry concerns Markdown Preview Enhanced (pre-0.8.28) which opens external files/links from the preview via a shell and does not validate untrusted inputs from the markdown document (e.g., diagram filename attribute, imported file paths, latex_engine code-chunk attribute). On W...

8.8CVSS5.7AI score0.0034EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 5:20 p.m.4 views

CVE-2026-45058 electerm: Import unsafe bookmark data could lead to unsafe operation when click local type bookmark

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured...

9.4CVSS6.7AI score0.00234EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:55 p.m.10 views

CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS5.8AI score0.00128EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow prior to version 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to handle any combination of \r and \n as line endings. This implementation uses a quadratic method of accumulating lines while searching for a line ending. A malicious EPS...

7.5CVSS6.6AI score0.02293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

9.3CVSS7.5AI score0.04378EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 5:49 p.m.9 views

CVE-2026-34662 Illustrator | NULL Pointer Dereference (CWE-476)

Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.9 views

SUSE CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28697

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

5.7AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/05/08 3:16 p.m.8 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS0.00121EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.9 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00121EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.35 views

CVE-2026-43391 nsfs: tighten permission checks for handle opening

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 2:21 p.m.41 views

CVE-2026-43391

CVE-2026-43391 affects the Linux kernel nsfs component. The issue arises from insufficient permission checks when opening handles, enabling privileged services to potentially view other privileged services’ namespaces and leak information. The fix centralizes policy via may_see_all_namespaces() a...

8.8CVSS5.7AI score0.00121EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/08 2:21 p.m.4 views

CVE-2026-43391 nsfs: tighten permission checks for handle opening

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS6.6AI score0.00121EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.16 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00121EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39052

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nsfs component where permission checks for handle opening are insufficiently restrictive. This allows privileged services to potentially see namespaces of other...

8.8CVSS5.8AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:58 a.m.10 views

CVE-2026-23926

An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that maintenance period in the Host navigator widget. This can allow the attacker to perform unauthorized actions depending on which user opens th...

7.3CVSS5.8AI score0.00285EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.15 views

PT-2026-38894

Summary attachments: pocs.zip Submodule names coming from .gitmodules are exposed as unvalidated names and are later reused to derive the submodule git directory as: /modules/ Because the submodule name is joined directly as a filesystem path component, a name such as ../../../escaped-target.git...

8.7CVSS5.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/14 7:24 p.m.7 views

CVE-2026-34618

Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00184EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.6 views

EUVD-2026-22438

InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...

7.8CVSS5.9AI score0.00161EPSS
Exploits0References2
Rows per page
Query Builder