Lucene search
K

385 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-9857

The Invoice123 plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access...

4.3CVSS0.00288EPSS
Exploits0References12
CVE
CVE
added 2 days ago9 views

CVE-2026-9857

The CVE concerns the WordPress Invoice123 plugin (versions

4.3CVSS6.1AI score0.00288EPSS
Exploits0References12
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-9857 Invoice123 <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Setting Modification via s123_submit_api_key & s123_submit_invoice_settings AJAX actions

The Invoice123 plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.7.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access...

4.3CVSS0.00288EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed an out-of-bounds read during the parsing of the OnBeacon Extended Supported Rates ESR extension. The handling of the ESR extension during the OnBeacon phase involves accessing p + 1 + ielen and p + 2 +...

5.8AI score0.00176EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a stack buffer overflow issue during the parsing of the OnAssocReq IE. The length of the Supported Rates IE from an incoming Association Request frame was directly used as the length for the memcpy...

7AI score0.00198EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 10:21 a.m.28 views

CVE-2026-54419

PIAF-HMS (PBX-In-A-Flash Hotel Management System) contains multiple unauthenticated SQL injection vulnerabilities. The app has no authentication and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or param...

9.8CVSS5.8AI score0.00587EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.12 views

SUSE CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

4.3CVSS5.4AI score0.0022EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 5:16 p.m.21 views

CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

8.3CVSS0.0022EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 5:16 p.m.7 views

UBUNTU-CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

8.3CVSS5.3AI score0.0022EPSS
Exploits0References11
CVE
CVE
added 2026/06/08 3:46 p.m.35 views

CVE-2026-46307

CVE-2026-46307 affects the Linux kernel ath5k driver, where a UBSAN-detected array-index-out-of-bounds in ath5k_tasklet_tx can write beyond a 4-entry ieee80211_tx_rate array, potentially overwriting the next info-&gt;status field (ack_signal). Rootcause: ts_final_idx may be 3, causing an out-of-b...

8.3CVSS5.4AI score0.0022EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.7 views

CVE-2026-46307

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

5.3AI score0.0022EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/08 3:46 p.m.11 views

EUVD-2026-35172

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

5.4AI score0.0022EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.47 views

CVE-2026-46307 wifi: ath5k: do not access array OOB

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

8.3CVSS0.0022EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array-index-out-of-bounds access exists in the ath5k WiFi driver. The issue occurs within the ath5k tasklet tx function in the drivers/net/wireless/ath/ath5k/base.c file. Specifically...

9.1CVSS5.5AI score0.00457EPSS
Exploits1References68
Packet Storm News
Packet Storm News
added 2026/05/31 12:0 a.m.13 views

A New Framework for Cybersecurity Refusals in AI Agents

Agentic scaffolds have dramatically improved LLM performance on complex, long-horizon tasks, yielding both broad benefits and amplified risks in domains like cybersecurity. Existing benchmarks for AI agents in cybersecurity focus mainly on measuring proficiency--how effectively agents can complet...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.10 views

Optimal Routing and Link Configuration for Covert Heterogeneous Wireless Networks in the Presence of a Friendly Jammer

In modern radio networks, nodes frequently access multiple communication interfaces such as WiFi, cellular, LoRa, and Zigbee. Optimal utilization of such heterogeneous networks HetNets at link and network levels is essential for ensuring efficient and secure communication. Some applications requi...

5.8AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:5 a.m.10 views

ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

...

5.5CVSS5.4AI score0.00177EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.11 views

SUSE CVE-2026-46018

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46018

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

5.5CVSS0.00177EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-46018

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

5.5CVSS5.7AI score0.00177EPSS
Exploits0References7
Rows per page
Query Builder