Lucene search
K

4654 matches found

Snyk
Snyk
added 2026/06/09 12:0 a.m.8 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via Query By Example QBE StringMatcher handling. An attacker can perform boolean-based blind data inference by supplying wildcard characters in externally controlled input used to populate a QBE probe. When...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/08 3:50 p.m.44 views

CVE-2026-46313 media: intel/ipu6: fix error pointer dereference

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

0.00114EPSS
Exploits0References4
OSV
OSV
added 2026/06/08 2:34 p.m.19 views

CLEANSTART-2026-MZ00063 Security fixes for CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27139, CVE-2026-27140, CVE-2026-27142, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, ghsa-mh2q-q3fh-2475 applied in versions: 2.17.0-r0, 2.17.0-r1, 2.17.0-r2

Multiple security vulnerabilities affect the kubernetes-csi-livenessprobe-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS5.8AI score0.01557EPSS
Exploits2References74
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.10 views

Now You (Still) See Me: Detecting Evasive Steganographic Payloads in LLMs

Large language models can be fine-tuned to encode prompt-borne secrets into fluent, seemingly benign outputs. This creates a steganographic exfiltration risk that is difficult to detect with output-level steganalysis. Recent work proposes mechanistic detection using linear probes that recover the...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference occurs in the intel/ipu6 media component. In a specific error path, the isp-psys variable is confirmed to be an error pointer rather than NULL, leading to a...

9.1CVSS5.2AI score0.00457EPSS
Exploits1References64
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.9 views

CVE-2026-9813

FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...

9.9CVSS5.5AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.8 views

CVE-2026-46383

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

5.5CVSS5.5AI score0.0061EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/04 2:23 a.m.10 views

SUSE CVE-2026-45683

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcmfiuprobe platformgetresourcebyname can return NULL, which would cause a crash when passed the point...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.18 views

From Attack Simulation to SIEM Rule: Deterministic Detection-As-Code Synthesis with Probe-Level Traceability

Security teams routinely simulate attacks against their own systems to check whether their monitoring would catch a real intruder. These Breach-and-Attack-Simulation BAS tools surface findings, but the security information and event management SIEM systems that watch production need detection rul...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the U...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror...

5.5CVSS6.2AI score0.00119EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 3:25 p.m.13 views

EUVD-2026-33956

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/02 3:25 p.m.10 views

CVE-2026-45683 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

OpenTelemetry eBPF Instrumentation 安全漏洞

OpenTelemetry eBPF Instrumentation is an open-source, eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. Versions of OpenTelemetry eBPF Instrumentation prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the Java TLS ioctl probe usi...

3.8CVSS5.3AI score0.00174EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Prefect 安全漏洞

Prefect is a workflow orchestration tool developed by Prefect OpenSource, enabling developers to build, monitor data pipelines, and respond to changes in those pipelines. Version 3.6.19 of Prefect contains a security vulnerability. This vulnerability stems from improper handling of URL paths for...

7.5CVSS5.3AI score0.00476EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/06/01 12:0 a.m.10 views

Gate AI: LLM Security Benchmark Evaluation Methodology and Results

Published evaluations of prompt-injection and jailbreak detectors for Large Language Models often suffer from two systematic weaknesses: per-dataset threshold tuning and undisclosed operating points. We describe an evaluation harness that addresses both. The detector under evaluation is scored...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.19 views

SUSE CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-45900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 crypto: caam: Unembed netdev structure in dpaa2 converted embedded netdevice to...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.10 views

CVE-2026-46196

A flaw was found in the Linux kernel. When a tracepoint a mechanism for dynamic instrumentation is registered, a failure during the probe installation process can lead to the registration's side effects persisting without a corresponding probe. This can cause a Denial of Service DoS by leaving...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
Rows per page
Query Builder