Lucene search
K

2550 matches found

Nuclei
Nuclei
added 13 hours ago43 views

Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write

File read and write vulnerability in Apache DolphinScheduler, authenticated users can illegally access additional resource files. This issue affects Apache DolphinScheduler from 3.1.0 before 3.2.2. id: CVE-2024-30188 info: name: Apache DolphinScheduler = 3.1.0, 3.2.2 Resource File Read And Write...

8.8CVSS5.9AI score0.05987EPSS
Exploits0References3
OSV
OSV
added 2 days ago5 views

BIT-PYTHON-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.7AI score0.00132EPSS
Exploits0References7
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-59705 mem0 - OpenMemory API Unauthenticated Access via Memory Endpoints

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS0.00498EPSS
Exploits0References4
CVE
CVE
added 3 days ago12 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation via the KernCoreLib64.sys kernel driver. An attacker with local access can use exposed IOCTL handlers to perform arbitrary physical memory read/write and unrestricted I/O port operations without administrator privileges. This can enable ma...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 3 days ago11 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS0.0017EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-41674

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added last week4 views

CVE-2026-26231

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write...

8.5CVSS5.9AI score0.00291EPSS
Exploits0References6
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14420

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 10:21 p.m.18 views

CVE-2026-14420

Summary (CVE-2026-14420): Out-of-bounds read/write in Dawn (Chrome’s Dawn integration) in Google Chrome

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/07/01 7:16 p.m.5 views

CVE-2026-55628

In versions prior to 7.1.2-26he, the -concatenate operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26...

5.5CVSS0.00098EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 1:47 p.m.37 views

CVE-2026-6685

FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp-&gt;sect - sect &lt; cc). The root cause is an integer underflow (CWE-191) in t...

6.1CVSS5.8AI score0.00205EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2026/07/01 1:32 p.m.21 views

CVE-2026-53356

The CVE-2026-53356 entry concerns the Linux kernel DRM/I915 GEM code. The root cause is in sg_page() returning a struct page pointer instead of (void *) which mis-scales pread/pwrite for phys BO and can cause access to incorrect parts of a buffer when a non-zero offset is used. A fix was cherry-p...

5.8AI score0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40809

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

6AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40517

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.0031EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54927

Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An integer underflow occurs during interleaved read and write operations on fragmented filesystems. This issue is caused by an unsigned-subtraction wrap in the f read and f write functions when...

6.1CVSS6.1AI score0.00205EPSS
Exploits2References7
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS0.00239EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.6 views

DEBIAN-CVE-2026-13831

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.29 views

CVE-2026-14152

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

0.0023EPSS
Exploits0References2
Rows per page
Query Builder