Lucene search
K

67 matches found

CVE
CVE
added 6 days ago43 views

CVE-2026-49274

CVE-2026-49274 affects Kirby CMS prior to versions 4.9.4 and 5.4.4. When the pages field is used and a role has pages.access disabled, authenticated users could supply an inaccessible parent page or site to the page picker backend, enabling confirmation of page existence and retrieval of title fi...

5.3CVSS5.9AI score0.00275EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.19 views

CVE-2026-10168

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...

6.5CVSS5.5AI score0.00243EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/31 4:0 a.m.11 views

CVE-2026-10168 OUSL-GROUP-BrinaryBrains School Student Management System Parents.php marks resource injection

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...

6.5CVSS6.3AI score0.00243EPSS
Exploits0References4
CVE
CVE
added 2026/05/31 4:0 a.m.23 views

CVE-2026-10168

The CVE concerns OUSL-GROUP-BrinaryBrains School Student Management System (up to build 1e70e5ad1125b86dca4ee086eb6bb121f17708b6). The vulnerability is in the function marks of the file application/controllers/Parents.php, where manipulating the argument param1 enables improper control of resourc...

6.5CVSS6.3AI score0.00243EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44825

Name of the Vulnerable Software and Affected Versions RustFS versions prior to 1.0.0-beta.2 Description Improper validation in the 'PUT /rustfs/admin/v3/import-iam' endpoint allows a user with ImportIAMAction to create service accounts under arbitrary parent identities, including the root user...

9.3CVSS5.9AI score0.00226EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dpll: Fixed the issue where dpllpinonpinregister could incorrectly register multiple parent pins when they were connected through dpllpinonpinregister. All these parent pins belonged to the same dpll device. A second call to...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/18 1:34 a.m.3 views

CVE-2026-27523 OpenClaw < 2026.2.24 - Sandbox Bind Validation Bypass via Symlink-Parent Missing-Leaf Paths

OpenClaw versions prior to 2026.2.24 contain a sandbox bind validation vulnerability allowing attackers to bypass allowed-root and blocked-path checks via symlinked parent directories with non-existent leaf paths. Attackers can craft bind source paths that appear within allowed roots but resolve...

6.9CVSS5.8AI score0.00254EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 1:34 a.m.54 views

CVE-2026-27523

OpenClaw OpenClaw prior to version 2026.2.24 contains a sandbox bind-validation bypass vulnerability. The issue lets a bind source path that uses a symlinked parent with a non-existent leaf circumvent allowed-root and blocked-path checks, causing the path to resolve outside the sandbox and weaken...

7.5CVSS5.8AI score0.00254EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/31 12:16 p.m.6 views

UBUNTU-CVE-2025-71183

In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename exchanging either with the rename exchange operation or regular renames in multiple non-atomic steps two inodes and at least one of them is a directory,...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References17
OSV
OSV
added 2025/12/19 7:16 a.m.3 views

CVE-2025-66494

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

7.8CVSS6AI score0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/19 7:8 a.m.4 views

EUVD-2025-204466

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

7.8CVSS7.2AI score0.00255EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/10/15 11:39 a.m.11 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

7.8CVSS7.2AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/10/15 12:31 a.m.5 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

7.8CVSS7.2AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/10/13 12:15 a.m.10 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

7.8CVSS7.2AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/10/08 3:18 p.m.4 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

7.8CVSS7.2AI score0.00173EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987375)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987375 advisory. In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes...

7.8CVSS6AI score0.00272EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-22695

Malicious code in bioql PyPI...

6.2AI score0.00149EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/08/25 3:44 a.m.5 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

7.8CVSS7.2AI score0.00173EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4,...

7.1CVSS6.2AI score0.00149EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/07/25 11:22 p.m.4 views

SUSE CVE-2025-38446

In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmixcsrclkdevdata When numparents is 4, clkregister occurs an out-of-bounds when accessing parentnames member. Use ARRAYSIZE instead of hardcode number here. BUG: KASAN:...

4.4CVSS6.5AI score0.00149EPSS
Exploits0References9
Rows per page
Query Builder