Lucene search
K

408982 matches found

Nuclei
Nuclei
added 13 hours ago28 views

McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting

McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request. id: CVE-2017-4011 info: name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting...

6.1CVSS6.4AI score0.03271EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-57321

Name of the Vulnerable Software and Affected Versions h2o versions prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1 Description When processing a QPACK instruction sent from a peer over HTTP/3, the server may allocate an on-stack buffer of approximately 800 KB using the alloca function in...

7.5CVSS6.1AI score0.00343EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42688

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References1
CVE
CVE
added 6 days ago16 views

CVE-2026-0278

Summary: CVE-2026-0278 affects the Prisma Access Agent on Windows, where multiple protection mechanism failures in the Data Loss Prevention (DLP) component allow bypass of DLP policy enforcement. The macOS agent is not affected. Affected versions: 24.0 through 26.2. Impact: DLP controls can be ci...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-0278

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-42630

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, channel thread parent and reply handling did not bind parentid to the channel in the URL, allowing an authenticated user to reference a message from another private or DM channel and disclose...

3.1CVSS5.9AI score0.00255EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2840 nilfs-utils security update

Userspace utilities for creating and mounting NILFS v2 filesystems. Security Fixes: NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images...

6.7CVSS5.9AI score0.00105EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 2:16 p.m.7 views

CVE-2026-53347

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...

0.00156EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53331

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

0.00172EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/01 1:32 p.m.7 views

EUVD-2026-40981

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...

5.8AI score0.00156EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 1:32 p.m.21 views

CVE-2026-53340

The CVE-2026-53340 entry concerns the Linux kernel I2C imx driver where a clock-disable happens before pinctrl state switch in runtime suspend, leading to a system crash if pinctrl_pm_select_sleep_state() fails. The fix swaps the order to switch the pinctrl state before disabling the clock so a p...

5.8AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40965

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References7
OSV
OSV
added 2026/07/01 1:32 p.m.2 views

CVE-2026-53331 slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References10
CVE
CVE
added 2026/06/29 7:42 p.m.16 views

CVE-2026-43676

CVE-2026-43676 affects WebKit-related components used in Safari/WebKit on macOS Tahoe and iOS/iPadOS, with an out-of-bounds access issue addressed by improved bounds checking. The vulnerability leads to potential crashes when processing malicious web content, and is fixed in Safari 26.5.2 (and re...

6.5CVSS5.8AI score0.00257EPSS
Exploits0References3Affected Software4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53716

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A use-after-free issue, which occurs when a program continues to use a pointer after it has been free...

6.5CVSS6.1AI score0.00289EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.8 views

SUSE CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.7 views

SUSE CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.10 views

SUSE CVE-2026-53324

In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...

5.8AI score0.00115EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target P...

6AI score0.00126EPSS
Exploits0References4
Rows per page
Query Builder