Lucene search
K

18867 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-34167

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the ActivityMonitor Livewire component exposes a public $activityId property without Livewire's Locked attribute. It loads activities via Activity::find$this-activityId wit...

5CVSS0.00199EPSS
Exploits0References4
NVD
NVD
added 6 days ago10 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

7.8CVSS0.00064EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2025-59615

Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization...

7.8CVSS0.00064EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

7.3CVSS0.00065EPSS
Exploits0References1
Snyk
Snyk
added 6 days ago5 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview langroid is a Harness LLMs with Multi-Agent Programming Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the handlemessage process. An attacker can execute arbitrary tool handlers by...

8.6CVSS6.1AI score0.00392EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2025-59616

CVE-2025-59616 is a memory corruption (use-after-free) flaw triggered when processing multiple IOCTL calls using the same buffer file descriptor input, due to accessing already freed memory. According to NVD, the CVSSv3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 7.8 (HIG...

7.8CVSS6.1AI score0.00064EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2025-59616 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS0.00064EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2025-59615

Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization...

6.6CVSS6AI score0.00064EPSS
Exploits0References2
CVE
CVE
added 6 days ago11 views

CVE-2025-59615

Technical details are not publicly available in the provided documents. Monitor for updates.

7.8CVSS6AI score0.00064EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-25019

id: pretty-print uses effective GID instead of effective UID for name lookup...

3.3CVSS5.9AI score0.00123EPSS
Exploits1References3
OSV
OSV
added 6 days ago5 views

OESA-2026-2874 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS4.9AI score0.00388EPSS
Exploits0References2
OSV
OSV
added 6 days ago5 views

OESA-2026-2872 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classifie...

5.3CVSS5.2AI score0.00388EPSS
Exploits0References2
CVE
CVE
added 6 days ago9 views

CVE-2026-11855

CVE-2026-11855 affects the Simple Membership WordPress plugin prior to 4.7.5. The issue arises because Stripe webhook requests are not authenticated when no signing secret is configured, and a value taken from those requests is not escaped before being output in an administrator notice. This lead...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-11766

The Ultimate Member WordPress plugin before 2.12.0 does not properly sanitise and escape the value of custom textarea profile fields before outputting it on user profiles, allowing authenticated users with Subscriber-level access and above to store JavaScript that executes when any user, includin...

8CVSS6AI score0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-55985

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when invoking device input/output control operations for mapping and unmapping persistent memory buffers. This issue is caused by improp...

7.8CVSS6AI score0.00064EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56053

Name of the Vulnerable Software and Affected Versions @xhmikosr/decompress versions prior to 10.2.1 @xhmikosr/decompress versions prior to 11.1.3 decompress versions prior to 4.3.0 Description When extracting archives to a directory, a crafted archive can read or write files outside that director...

9.1CVSS6AI score
Exploits0References7
OSV
OSV
added last week4 views

RLSA-2026:30860 Important: perl-IO-Compress security update

This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 i.e. gzip and zip files/buffers. The following modules used to be distributed...

7.8CVSS6.4AI score0.00292EPSS
Exploits3References2
OSV
OSV
added 2026/07/05 3:40 a.m.5 views

ROOT-OS-DEBIAN-11-CVE-2024-42230 CVE-2024-42230 in rootio-linux - Patched by Root

Root has patched CVE-2024-42230 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.4CVSS6.8AI score0.00205EPSS
Exploits0
EUVD
EUVD
added 2026/07/04 1:15 p.m.7 views

EUVD-2026-41674

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:50 a.m.6 views

CVE-2026-9148

The Comments – wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the guest commenter 'Website' field in versions up to, and including, 7.6.56 This is due to insufficient output escaping in the getCommentAuthor function, which interpolates the stored commentauthorurl...

7.2CVSS6.1AI score0.00305EPSS
Exploits0References12
Rows per page
Query Builder