Lucene search
K

147 matches found

CVE
CVE
added yesterday9 views

CVE-2026-39822

CVE-2026-39822 describes a root-escape vulnerability in Unix environments involving os.Root: when opening a path whose final component is a symbolic link and the path ends with a slash, the implementation may follow the symlink to locations outside the designated root. Example: root.Open("symlink...

7.8CVSS6AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-14345

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsanitized write of attacker-controlled postData values...

9.8CVSS6.3AI score0.00745EPSS
Exploits0References12
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-14345 WPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' Parameter

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsanitized write of attacker-controlled postData values...

9.8CVSS0.00745EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/16 4:28 a.m.8 views

gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow

A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...

7.8CVSS7.8AI score0.00596EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.10 views

SUSE CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5CVSS5.5AI score0.00145EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 5:16 p.m.18 views

CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5CVSS0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 5:16 p.m.7 views

UBUNTU-CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

4.8CVSS5.3AI score0.00145EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.44 views

CVE-2026-46302 selinux: allow multiple opens of /sys/fs/selinux/policy

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

0.00145EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.8 views

CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5AI score0.00145EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 3:46 p.m.11 views

EUVD-2026-35167

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

5.5AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 3:46 p.m.33 views

CVE-2026-46302

CVE-2026-46302 concerns the Linux kernel SELinux policy handling. The vulnerability arises because multiple processes could concurrently open /sys/fs/selinux/policy, whereas previously only one open was allowed. The root cause is a retained policy_opened flag and a too-large critical section arou...

5.5CVSS5.5AI score0.00145EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A flaw in the SELinux component allows only a single open of the '/sys/fs/selinux/policy' endpoint at any time. This...

9.1CVSS5.4AI score0.00457EPSS
Exploits1References61
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.9 views

SUSE CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

4.7CVSS5.7AI score0.00128EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 10:16 a.m.5 views

UBUNTU-CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.8 views

CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:35 a.m.8 views

CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

5.7AI score0.00128EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/05/28 9:35 a.m.11 views

EUVD-2026-32770

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

5.7AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:35 a.m.29 views

CVE-2026-46143

The CVE-2026-46143 issue affects the Linux kernel’s ASoC component, specifically qcom: q6apm-lpass-dai. Root cause: prepare may be invoked multiple times, causing multiple graph opens in the playback path and resulting memory leaks. Mitigation in the public documents is a patch that adds a check ...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.32 views

CVE-2026-46143 ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

0.00128EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44266

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the ASoC qcom q6apm-lpass-dai component, the prepare function can be called multiple times, leading to multiple graph opens for the playback path. This behavior results in memory leaks...

9.8CVSS5.9AI score0.03663EPSS
Exploits16References282
Rows per page
Query Builder