Lucene search
K

663 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Broadcom – bcm4908enet: Updates TX statistics after actual transmission. Queuing packets does not guarantee their transmission. Updates TX statistics after the hardware confirms that it is consuming the submitted data. This...

5.8AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed the requirement that devices managed by PME polling must be in the RPMACTIVE state. The fix notes that devices managed by runtime PM need to be in the RPMACTIVE state for PME polling. In fact, only devices in low-power...

6.2CVSS6AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.12 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021652)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021652 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-43293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 2:16 p.m.23 views

CVE-2025-40904

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/19 1:23 p.m.40 views

CVE-2025-40904 HTML injection in Smart Polling in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 1:23 p.m.23 views

CVE-2025-40904

The CVE-2025-40904 issue is a Stored HTML Injection in the Smart Polling feature. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags via sync; when a victim opens the affected remote strategy, injected HTML can render in their browser and enabl...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/19 1:23 p.m.5 views

CVE-2025-40904

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 1:23 p.m.10 views

CVE-2025-40904 HTML injection in Smart Polling in Guardian/CMC before 26.1.0

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 1:23 p.m.19 views

EUVD-2025-209895

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References1
NOZOMI
NOZOMI
added 2026/05/19 12:0 a.m.10 views

HTML injection in Smart Polling in Guardian/CMC before 26.1.0

Summary A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. Impact An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views th...

6.5CVSS5.8AI score0.00186EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Nozomi Networks CMC和Nozomi Networks Guardian 跨站脚本漏洞

Nozomi Networks CMC and Nozomi Networks Guardian are both products of Nozomi Networks, a company based in the United States. Nozomi Networks CMC is a network management platform. Nozomi Networks Guardian is a security software. Both Nozomi Networks CMC and Nozomi Networks Guardian have cross-site...

6.5CVSS5.7AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41891

A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user with limited privileges can push malicious remote strategies containing HTML tags through the sync. When a victim views the affected remo...

6.5CVSS5.8AI score0.00186EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43293

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...

5.8AI score0.00122EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/05/13 12:0 a.m.19 views

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks Victor Nogueira Orabug: 39362005 CVE-2026-23270 - KVM: x86: disable preemption around the call to...

9.8CVSS6.2AI score0.96267EPSS
Exploits257
SUSE CVE
SUSE CVE
added 2026/05/12 3:48 a.m.17 views

SUSE CVE-2025-38093

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads it is possible to reach the critical hardware shutdown...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/12 3:30 a.m.8 views

SUSE CVE-2026-43385

In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/11 7:31 a.m.116 views

c2birtengine

BIRT File Upload RCE – C2 over HTTPS This repository provides...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/08 6:22 p.m.15 views

CVE-2026-43293

A flaw was found in the Linux kernel's wave5 media driver. During the removal of the wave5 module in polling mode, a timing issue, known as a race condition, can occur. This happens because the process that destroys the worker is initiated before the timer that queues work is fully canceled. This...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.9 views

EUVD-2026-28563

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...

5.8AI score0.00122EPSS
Exploits0References5
Rows per page
Query Builder