Lucene search
K

6174 matches found

CVE
CVE
added 2026/06/24 4:29 p.m.19 views

CVE-2026-52999

CVE-2026-52999 pertains to the Linux kernel netfilter nfnetlink_osf, where an out-of-bounds read can occur during TCP option parsing when NF_OSF_LOGLEVEL_ALL is enabled. The root cause is a shared ctx->optp pointer that isn’t restored after nf_osf_match_one() returns, allowing subsequent finge...

9.1CVSS5.7AI score0.00521EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Tconvstructopt function within H5Tconv.c...

8.8CVSS7.4AI score0.0092EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed string copying in parseapplysbmountoptions. The strnlen function cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 “string.h: Introduce memtos...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in curl

When performing TLS-related transfers using reused easy or multi-handles, and altering the CURLSSLOPTNOPARTIALCHAIN option, libcurl may accidentally reuse a CA store cached in memory, where the partial chain option is reversed. This goes against the user’s wishes and expectations. As a result,...

5.3CVSS6.9AI score0.00679EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: The return value of f2fsrecoverfsyncdata has been fixed. With the following scripts, a panic will occur in f2fs: bash mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsy...

5.8AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: xttcpmss: Check the remaining length before reading optlen Quoting the reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1 directly, without validating the remaining option length. If t...

8.2CVSS6AI score0.00463EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 7:16 a.m.10 views

CVE-2026-8690

The RentMy Real-Time Rental Management Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.4.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00255EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 7:14 a.m.14 views

CVE-2026-52915

CVE-2026-52915 concerns the Linux kernel netfilter ip6t_hbh module, where ip6t_opts may store at most IP6T_OPTS_OPTSNR (16) option descriptors but hbh_mt6_check() did not reject larger optsnr values from userspace. This allowed a potential out-of-bounds condition (UBSAN: array-index-out-of-bounds...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/24 7:14 a.m.7 views

EUVD-2026-38718

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...

5.7AI score0.00126EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.31 views

CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...

7.1CVSS0.00126EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 5:33 a.m.7 views

EUVD-2026-38690

The RentMy Real-Time Rental Management Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.4.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 5:33 a.m.15 views

CVE-2026-8690

The CVE describes an authorization bypass in the RentMy Real-Time Rental Management Plugin for WordPress, affecting all versions up to 4.0.4.1. The root cause is improper verification of a user’s authorization to perform actions, enabling unauthenticated attackers to read, create, update, and del...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.33 views

CVE-2026-8690 RentMy Real-Time Rental Management Plugin <= 4.0.4.1 - Missing Authorization to Unauthenticated Settings Update via rentmy_cdn_request AJAX Action

The RentMy Real-Time Rental Management Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.0.4.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00255EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 5:33 a.m.8 views

EUVD-2026-38664

The Welcome Software Publishing plugin for WordPress is vulnerable to Arbitrary Options Update in all versions up to and including 0.0.31. This is due to a missing capability check in the ncsetOption function, which is exposed via the nc.setOption XML-RPC method. The function authenticates the us...

8.8CVSS5.8AI score0.00463EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.8 views

CVE-2026-56115

A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51708

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the hbh mt6 check function fails to reject optsnr values supplied from userspace that exceed the capacity of the struct ip6t opts structure...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51893

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the netfilter module. In the nf osf match function, the nf osf hdr ctx structure is passed by reference to nf osf match one for fingerprint checks. During...

9.1CVSS5.8AI score0.00521EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51755

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description An issue exists where the HTTP Referer: header persists even after being explicitly cleared. Although passing NULL to CURLOPT REFERER is intended to suppress the header, the internal state is...

7.5CVSS5.9AI score0.00652EPSS
Exploits1References35
RedHat Linux
RedHat Linux
added 2026/06/23 11:54 p.m.5 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

7.5CVSS6.7AI score0.02298EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/23 6:50 p.m.7 views

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

7.5CVSS5.9AI score0.02298EPSS
Exploits1References5
Rows per page
Query Builder