Lucene search
K

1677 matches found

Cvelist
Cvelist
added 2026/06/10 11:49 a.m.41 views

CVE-2026-24067 Slate Digital Connect macOS XPC PID validation privilege escalation

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

0.00131EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

Fission 安全漏洞

Fission is an open-source function deployment framework based on Kubernetes. Versions of Fission prior to 1.24.0 contain security vulnerabilities. These vulnerabilities arise from the exposure of spec.runtime.podSpec and spec.builder.podSpec in the Environment CRD during merging, without filterin...

9.9CVSS5.4AI score0.00274EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48401

Name of the Vulnerable Software and Affected Versions Slate Digital Connect version 1.37.0 Description The software installs a privileged helper tool, 'com.slatedigital.connect.privileged.helper.tool', which exposes the XPC service 'com.slatedigital.connect.privileged.helper.tool2'. The helper...

8.4CVSS5.1AI score0.00131EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.36 views

CVE-2026-46295 KVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvmapicupdateirr even if PIR is empty Fall back to apicfindhighestvector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In a...

0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.9 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5CVSS5.5AI score0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:49 p.m.11 views

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

5.7AI score0.0012EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/03 3:49 p.m.10 views

EUVD-2026-34121

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

5.8AI score0.0012EPSS
Exploits0References8
NVD
NVD
added 2026/06/03 2:16 p.m.14 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5CVSS0.00107EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 12:0 a.m.18 views

EUVD-2025-210053

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5CVSS5.8AI score0.00107EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-45933

A NULL pointer dereference in the gf filter pid resolve file template ex function /filter core/filter pid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5.8AI score0.00107EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-46223

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant...

5.5CVSS6.1AI score0.00083EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.40 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

0.00107EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/06/01 3:12 p.m.13 views

USN-8360-1: sslh vulnerability

It was discovered that sslh did not properly handle symbolic links when writing its PID file. A local attacker could possibly use this issue to overwrite arbitrary files...

9.3CVSS5.9AI score0.00158EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:6 p.m.10 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

5.8AI score0.00347EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/28 9:6 p.m.10 views

EUVD-2026-33063

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4CVSS5.8AI score0.00347EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/27 12:34 p.m.13 views

CVE-2026-45840

A flaw was found in the Linux kernel's Open vSwitch component. A local attacker, with administrative network capabilities, could exploit this by providing an overly large Process ID PID array. This action triggers a buffer overflow within the network link netlink reply mechanism, leading to a...

7CVSS6AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 11:16 a.m.12 views

CVE-2026-45840

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

5.5CVSS0.00117EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/27 9:24 a.m.12 views

EUVD-2026-32166

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

5.9AI score0.00117EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.7 views

CVE-2026-45840

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

5.8AI score0.00117EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 9:24 a.m.8 views

CVE-2026-45840

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

5.5CVSS5.8AI score0.00117EPSS
Exploits0
Rows per page
Query Builder