Lucene search
K

2178 matches found

Nuclei
Nuclei
added 18 hours ago21 views

Pi-hole Reflected XSS in 404-Error Page

Pi-hole Admin Interface = 6.2.1 contains a reflected XSS vulnerability on the 404 error page. The URL path is reflected unsanitized into the class attribute of the body tag, allowing attribute injection via a crafted URL to execute arbitrary JavaScript in victim browsers. id: CVE-2025-53533 info:...

6.1CVSS6.8AI score0.00564EPSS
Exploits2References2
NVD
NVD
added yesterday6 views

CVE-2026-50130

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root...

8.8CVSS
Exploits0References3
Cvelist
Cvelist
added yesterday31 views

CVE-2026-50130 Pi-hole: Local privilege escalation from `pihole` user to root via `/etc/pihole/logrotate`

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root...

8.8CVSS
Exploits0References3
OSV
OSV
added yesterday9 views

ROOT-APP-PYPI-CVE-2025-69224 CVE-2025-69224 in rootio-aiohttp - Patched by Root

Root has patched CVE-2025-69224 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...

6.5CVSS5.2AI score0.00213EPSS
Exploits0
Zero Science Lab
Zero Science Lab
added yesterday31 views

SIP Sustainable Irrigation Platform 5.x (cv) Settings Mass Assignment

Summary SIP is a free Raspberry Pi based Python program for controlling irrigation systems sprinkler, drip, hydroponic, etc. It uses web technology to provide an intuitive user interface UI in several languages. The UI can be accessed in your favorite browser on desktop, laptop, and mobile device...

8.8CVSS6.1AI score
Exploits2
Zero Science Lab
Zero Science Lab
added yesterday29 views

SIP Sustainable Irrigation Platform 5.x (nr-url) Blind SSRF

Summary SIP is a free Raspberry Pi based Python program for controlling irrigation systems sprinkler, drip, hydroponic, etc. It uses web technology to provide an intuitive user interface UI in several languages. The UI can be accessed in your favorite browser on desktop, laptop, and mobile device...

6.5CVSS6.2AI score
Exploits2
Zero Science Lab
Zero Science Lab
added yesterday31 views

SIP Sustainable Irrigation Platform 5.x CSRF Disable Passphrase Authorization

Summary SIP is a free Raspberry Pi based Python program for controlling irrigation systems sprinkler, drip, hydroponic, etc. It uses web technology to provide an intuitive user interface UI in several languages. The UI can be accessed in your favorite browser on desktop, laptop, and mobile device...

8.1CVSS6.1AI score
Exploits2
NVD
NVD
added 2026/07/07 9:16 a.m.9 views

CVE-2026-13199

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS0.00114EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/07 8:36 a.m.8 views

EUVD-2026-42021

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS5.9AI score0.00114EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 8:36 a.m.16 views

CVE-2026-13199

CVE-2026-13199 affects Raspberry Pi 5 and Compute Module 5 EEPROM firmware. The issue is that the EEPROM produced non-random KASLR and RNG seed values, resulting in consistent kernel addresses across boots and devices. This may lower entropy and potentially ease exploitation of other vulnerabilit...

5.1CVSS5.9AI score0.00114EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:36 a.m.7 views

CVE-2026-13199

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS5.9AI score0.00114EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 8:36 a.m.36 views

CVE-2026-13199 Insufficient Entropy in Raspberry Pi 5 and Compute Module 5

EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the...

5.1CVSS0.00114EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/07/06 9:33 a.m.8 views

USN-8492-3: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53327

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

0.00172EPSS
Exploits0References6
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53327

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

5.7AI score0.00172EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/01 1:32 p.m.39 views

CVE-2026-53327 debugobjects: Do not fill_pool() if pi_blocked_on

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

0.00172EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.20 views

EulerOS 2.0 SP15 : openjpeg2 (EulerOS-SA-2026-2495)

According to the versions of the openjpeg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library...

4.8CVSS5.2AI score0.00112EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/25 5:50 p.m.66 views

Exploit for Improper Authentication in Google Android

BlueDucky Ver 2.1 Android 🦆 Thanks to all the people at Hac...

6.3CVSS6AI score0.07879EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52977

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Tas...

5.5CVSS6AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38845

In the Linux kernel, the following vulnerability has been resolved: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Task B futexwaitrequeuepi futexsetuptimer futexdowait futexrequeue CLASSh...

5.7AI score0.00172EPSS
Exploits0References7
Rows per page
Query Builder