Lucene search
K

4647 matches found

Nuclei
Nuclei
added yesterday22 views

Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)

Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter. id: CVE-2020-16248 info: name: Prometheus Blackbox Exporter - Server-Side...

5.8CVSS6.2AI score0.02698EPSS
Exploits1References4
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41814

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References7
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-14801 GPAC TeXML File load_text.c txtin_probe_duration divide by zero

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS0.00112EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

UBUNTU-CVE-2026-53344

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp-dev and mcp-addr before regmap init Regmap initialization triggers regcachemaplepopulate which attempts SPI read to populate cache. SPI read requires mcp-dev and mcp-addr to be set, without them,...

5.7AI score0.00145EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.8 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 12:21 p.m.7 views

MAL-2026-6722 Malicious code in date-fns-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4694a079d83e33dcee7f87140c41737009d9f0b19f351c23f2ae3dbce9a47a51 [email protected] presents as a lightweight date-formatting utility but ships a malicious postinstall.js that runs automatically on npm install. T...

5.9AI score
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 1:21 p.m.7 views

CVE-2026-53204

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 9:29 a.m.6 views

CVE-2026-53296

A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free UAF condition. A Use-After-Free UAF is a memory corruption vulnerability tha...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 7:53 a.m.6 views

CVE-2026-53280

A flaw was found in the Linux kernel's Input-Output Memory Management Unit IOMMU component. This vulnerability occurs when a default IOMMU domain fails to allocate during the initial probe, leading to a NULL pointer dereference. This can cause a system crash, resulting in a Denial of Service DoS...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 6:16 a.m.23 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS0.00122EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 6:16 a.m.4 views

UBUNTU-CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References3
CVE
CVE
added 2026/06/29 4:53 a.m.21 views

CVE-2026-53325

CVE-2026-53325 affects the Linux kernel’s AGP AMD64 driver. The root cause is broken error propagation in agp_amd64_probe(): when no AMD northbridges are found, cache_nbs() returns a negative error code (e.g., -ENODEV), but the probe incorrectly checks for exactly -1. This allows initialization t...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/06/29 4:53 a.m.7 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/29 4:53 a.m.40 views

CVE-2026-53325 agp/amd64: Fix broken error propagation in agp_amd64_probe()

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

0.00122EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 3:20 a.m.8 views

Malicious code in rebrandly-domains-digger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53209

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.1.2-1.1 Description A NULL pointer dereference occurs in the AMD64 AGP driver when operating in virtualized environments, such as qemu/kvm, that lack a physical AMD northbridge. The issue stems from broken erro...

5.5CVSS6AI score0.00122EPSS
Exploits0References26
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.8 views

SUSE CVE-2026-53280

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.7 views

SUSE CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.9 views

SUSE CVE-2026-53296

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...

5.8AI score0.00129EPSS
Exploits0References3
Rows per page
Query Builder