Lucene search
K

26 matches found

OSV
OSV
added 2026/06/04 7:27 p.m.8 views

GHSA-8V9P-G828-V98F Shopware: Admin Account Takeover via User Recovery Hash Exposure

Summary A low-privilege admin user with userrecovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score0.00034EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46852

Summary A low-privilege admin user with user recovery:read ACL can take over any admin account. The attacker triggers password recovery for the victim unauthenticated endpoint, reads the recovery hash from the Admin API search endpoint, then uses the hash to reset the victim's password another...

6.8CVSS5.8AI score
Exploits0References5
CVE
CVE
added 2026/05/28 9:36 a.m.21 views

CVE-2026-46183

CVE-2026-46183 affects the Linux kernel DAMON sysfs code. The vulnerability is a use-after-free in damon_sysfs_quot_goal->path: user reads/writes to the sysfs 'path' file can deallocate the underlying buffer, and current protection only guards parameter reads during commit; direct user access ...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-37554

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM x86 component where reading PDPTR registers in the get sregs2 function lacks proper SRCU read-side protection. Reading PDPTRs can trigger access to guest memor...

7.8CVSS5.7AI score0.00139EPSS
Exploits0References42
OSV
OSV
added 2026/05/05 9:59 p.m.6 views

SUSE-SU-2026:21527-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange bsc1258005. - CVE-2026-23004: dst: fix races in...

7.8CVSS6.7AI score0.96775EPSS
Exploits228References13
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-23437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the...

7.8CVSS6.1AI score0.00127EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/02/24 1:20 a.m.6 views

CVE-2026-25965

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be...

8.6CVSS7.6AI score0.00671EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38003)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38003 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protectio...

5.5CVSS6.8AI score0.002EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/29 3:31 p.m.2 views

EUVD-2025-36664

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

5.9AI score0.00183EPSS
Exploits0References5
CVE
CVE
added 2025/10/29 1:37 p.m.17 views

CVE-2025-40084

CVE-2025-40084 affects the Linux kernel’s ksmbd transport_ipc path. The flaw arises when handle_response() reads a 4-byte handle from the payload without verifying that the declared payload size is at least 4 bytes, allowing a malformed or truncated ksmbd.mountd message to cause a read past the p...

6AI score0.00183EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17385

Malicious code in bioql PyPI...

7.6AI score0.002EPSS
Exploits0References9
Amazon
Amazon
added 2025/07/29 12:0 a.m.4 views

Important: kernel-livepatch-6.1.134-150.224

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue CVE-2025-38000 In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content...

7.8CVSS6.3AI score0.002EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e “PCI: designware-ep: Allow pciepcsetbar to update the inbound map address”, setbar was modified to support dynamically changing the backing...

5.5CVSS6.3AI score0.00176EPSS
Exploits0References3
NVD
NVD
added 2025/06/08 11:15 a.m.10 views

CVE-2025-38003

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...

5.5CVSS0.002EPSS
Exploits0References10
OSV
OSV
added 2025/06/08 10:34 a.m.3 views

CVE-2025-38003 can: bcm: add missing rcu read protection for procfs content

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...

5.5CVSS6.4AI score0.002EPSS
Exploits0References13
CVE
CVE
added 2025/06/08 10:34 a.m.120 views

CVE-2025-38003

CVE-2025-38003 affects the Linux kernel: the bcm subsystem generates procfs content for bcm_op objects, and removal without proper rcu protection could expose use-after-free data. The patch adds missing rcu_read_lock() and ensures list entries are removed under RCU, addressing UAF in procfs outpu...

5.5CVSS6.5AI score0.002EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2025/06/08 10:34 a.m.6 views

CVE-2025-38003

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content When the procfs content is generated for a bcmop which is in the process to be removed the procfs output might show unreliable data UAF. As the removal of bcmop's is...

5.5CVSS5.6AI score0.002EPSS
Exploits0
CNNVD
CNNVD
added 2025/06/08 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of rcu read protection, which could lead to unreliable data output...

5.5CVSS6.8AI score0.002EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.9 views

kernel: wifi: cfg80211: check A-MSDU format more carefully

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more...

7.1CVSS6.7AI score0.00233EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2020/11/12 4:52 p.m.20 views

Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks

Two security vulnerabilities in Schneider Electric’s programmable logic controllers PLCs could allow attackers to compromise a PLC and move on to more sophisticated critical infrastructure attacks. PLCs are key pieces of equipment in environments such as electric utilities and factories. They...

0.4AI score
Exploits0References11
Rows per page
Query Builder