Lucene search
K

2539 matches found

EUVD
EUVD
added 2026/03/18 6:31 p.m.4 views

EUVD-2026-12892

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.7AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2026/03/18 6:16 p.m.5 views

CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.5CVSS0.001EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.7 views

CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.5CVSS5.7AI score0.001EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 6:16 p.m.4 views

UBUNTU-CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:41 p.m.5 views

CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.7AI score0.001EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/18 5:41 p.m.17 views

CVE-2026-23259 io_uring/rw: free potentially allocated iovec on cache put failure

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

0.001EPSS
Exploits0References2
OSV
OSV
added 2026/03/18 5:41 p.m.4 views

CVE-2026-23259 io_uring/rw: free potentially allocated iovec on cache put failure

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and...

5.5CVSS6.2AI score0.001EPSS
Exploits0References4
CVE
CVE
added 2026/03/13 9:19 p.m.121 views

CVE-2026-32709

The CVE describes an unauthenticated path traversal in PX4 Autopilot MAVLink FTP that allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on the flight controller filesystem. On NuttX targets, attacker-supplied paths bypass sanitization due to an empty FTP root, whi...

6.8CVSS5.9AI score0.00476EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/03/12 8:32 p.m.5 views

EUVD-2026-11613

TinaCMS Vulnerable to Path Traversal Leading to Arbitrary File Read, Write and Delete...

8.4CVSS5.8AI score0.00203EPSS
Exploits1References2
OSV
OSV
added 2026/03/12 2:22 p.m.5 views

GHSA-RCP6-88MM-9VGF Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

If an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note that it is intended behavior that the JavaScript would...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References4
NVD
NVD
added 2026/03/11 9:16 p.m.8 views

CVE-2026-32109

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

4.4CVSS0.00162EPSS
Exploits0References1
PyPA
PyPA
added 2026/03/11 9:16 p.m.9 views

PYSEC-2026-32

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

4.4CVSS6AI score0.00162EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/11 9:16 p.m.7 views

PYSEC-2026-32

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

4.4CVSS6AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 8:16 p.m.29 views

CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7CVSS0.00162EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 8:16 p.m.4 views

CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/11 1:19 p.m.7 views

CVE-2025-41710

An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...

6.5CVSS5.8AI score0.00387EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/11 12:24 a.m.5 views

SUSE CVE-2026-28689

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. This...

6.3CVSS5.8AI score0.00108EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/10 9:2 p.m.4 views

EUVD-2026-10382

ImageMagick has a Path Policy TOCTOU symlink race bypass...

6.3CVSS5.8AI score0.00108EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/10 9:2 p.m.5 views

EUVD-2026-10381

ImageMagick has a Path Policy TOCTOU symlink race bypass...

6.3CVSS5.8AI score0.00108EPSS
Exploits0References3
Rows per page
Query Builder