Lucene search
K

719 matches found

NVD
NVD
added 2026/06/01 10:16 p.m.15 views

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS0.00071EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.35 views

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00071EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:14 p.m.12 views

CVE-2026-0067

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a permanent denial of service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/29 10:9 p.m.11 views

Sequence of Processor Instructions Leads to Unexpected Behavior

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Sequence of Processor Instructions Leads to Unexpected Behavior through the fielddelete process. An attacker can permanently remove...

7.1CVSS5.8AI score0.00029EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 12:32 p.m.10 views

CVE-2026-49324

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS5.8AI score0.00174EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Indian Motorcycle Scout Bobber + Tech 安全漏洞

The Indian Motorcycle Scout Bobber + Tech is a mid-level cruiser motorcycle produced by the Japanese company Indian Motorcycle. The Scout Bobber + Tech 2025 has a security vulnerability, where the resource consumption of the Wireless Control Module is uncontrolled, which may allow neighboring...

4.6CVSS5.8AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 5:16 p.m.23 views

CVE-2026-42083

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

8.2CVSS0.00323EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/27 3:53 p.m.47 views

CVE-2026-42459 free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS0.00324EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/27 3:53 p.m.10 views

EUVD-2026-32554

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/27 3:53 p.m.9 views

CVE-2026-42459 free5GC: Improper Input Validation and Generation of Error Message Containing Sensitive Information in github.com/free5gc/udm

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.10 views

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

8.7CVSS5.8AI score0.00703EPSS
Exploits1References1
CVE
CVE
added 2026/05/22 5:55 p.m.27 views

CVE-2026-39970

The CVE covers TypeBot (chatbot builder) ≤ version 3.15.2, where the profile picture upload form fails to sanitize SVG/XML uploads and directly renders them. This enables stored XSS via crafted SVGs containing JavaScript, with payload stored on app.typebot.io and accessible via a permanent link, ...

8.5CVSS6AI score0.00276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: enetc: An illegal access occurred when reading the affinityhint parameter. The irqsetaffinityhit function stores a reference to the cpumaskt parameter in the irqdescriptor. This reference can be accessed later from...

8.1CVSS5.7AI score0.00936EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: qup: Do not skip cleanup in the error path of the remove function. Returning early in the remove callback of a platform driver is incorrect. In this case, the DMA resources are not released during the error path. This issue ...

5.5CVSS5.3AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: The secure rdrisquery check prevents integer overflow. The variables off and len, which are typed as uint32 in the rdrisquery function, are controlled by the incoming RNDIS response message. Therefore, their value...

6.4AI score0.00184EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 10:16 p.m.30 views

CVE-2025-15645

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

5.1CVSS0.0021EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 9:41 p.m.44 views

CVE-2025-15645 Ledger Nano X, Flex, Stax MCU Firmware Update Denial of Service

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

5.1CVSS0.0021EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 9:41 p.m.25 views

CVE-2025-15645

The CVE-2025-15645 affects Ledger Nano X, Flex, and Stax MCU firmware updater. The vulnerability is a denial-of-service in the MCU firmware update process caused by missing validation of the reset_handler parameter during firmware flashing. An attacker could supply a crafted reset_handler address...

5.1CVSS5.9AI score0.0021EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 9:41 p.m.7 views

CVE-2025-15645

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

5.1CVSS5.9AI score0.0021EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/19 9:35 a.m.12 views

luksmeta: Data corruption when handling LUKS1 partitions with luksmeta

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

4.4CVSS5.7AI score0.00093EPSS
Exploits0References5
Rows per page
Query Builder