Lucene search
K

1377 matches found

cvelist
cvelist
added 2026/06/22 11:58 p.m.41 views

CVE-2026-10658 Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS

A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...

7.1CVSS0.00163EPSS
Exploits0References1
fedora
fedora
added 2026/06/21 1:11 a.m.6 views

[SECURITY] Fedora 43 Update: alertmanager-0.33.0-1.fc43

The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It a lso takes care of silencing and inhibition of alerts...

5.5CVSS5.8AI score0.00168EPSS
Exploits1
osv
osv
added 2026/06/18 3:5 p.m.6 views

GHSA-W5CV-PW74-4RXC opentelemetry-collector-contrib: githubreceiver silently ignores configured required_headers authentication

githubreceiver Silently Ignores Configured requiredheaders Authentication Summary The githubreceiver webhook handler does not enforce the requiredheaders configuration. Headers are validated at startup config rejects empty keys/values but never checked on incoming requests. This follows the same...

6.9CVSS5.5AI score
Exploits0References2
cve
cve
added 2026/06/12 2:14 p.m.24 views

CVE-2026-47209

vm2 (Node.js sandbox) had a vulnerability in the BaseHandler.set trap that ignores the receiver parameter and always writes to the host target, enabling inherited-property writes to leak onto host objects via prototype chains. This can allow attackers to assign Symbol-keyed properties (e.g., node...

8.6CVSS5.2AI score0.00287EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/06/08 12:0 a.m.12 views

The Chronicles of Radio Frequency Fingerprinting

Radio Frequency Fingerprinting RFF has evolved from an early idea for radar emitter identification into a broad research field for wireless device identification and spectrum monitoring for security. Rather than presenting a conventional literature survey, this work provides a critical historical...

5.6AI score
Exploits0
redhatcve
redhatcve
added 2026/06/06 12:43 p.m.18 views

CVE-2026-21032

Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/06 12:43 p.m.19 views

CVE-2026-21033

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

7.1CVSS5.8AI score0.00093EPSS
Exploits0References1
nessus
nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.1 : rsync (EulerOS-SA-2026-2150)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...

4.3CVSS5.6AI score0.00289EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.11 views

CVE-2025-41278

Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Host...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.10 views

CVE-2025-41280

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal Zip Slip in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is configured and file compression is enabled...

7.8CVSS5.8AI score0.00146EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:19 p.m.11 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.4AI score0.00098EPSS
Exploits0References1
osv
osv
added 2026/06/05 3:48 p.m.9 views

OESA-2026-2552 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

6.9CVSS5.5AI score0.00503EPSS
Exploits0References2
osv
osv
added 2026/06/05 3:48 p.m.9 views

OESA-2026-2551 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

6.9CVSS5.5AI score0.00503EPSS
Exploits0References2
osv
osv
added 2026/06/05 3:48 p.m.10 views

OESA-2026-2550 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

8.1CVSS5.7AI score0.0078EPSS
Exploits0References4
osv
osv
added 2026/06/05 3:48 p.m.9 views

OESA-2026-2549 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

6.9CVSS5.5AI score0.00503EPSS
Exploits0References2
euvd
euvd
added 2026/06/05 10:15 a.m.10 views

EUVD-2026-34805

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

6.9CVSS5.8AI score0.00093EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/05 10:15 a.m.7 views

CVE-2026-21032

Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

6.9CVSS5.8AI score0.00093EPSS
Exploits0References2
nvd
nvd
added 2026/06/04 6:16 a.m.12 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS0.00098EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/04 5:23 a.m.11 views

CVE-2026-49189

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS5.8AI score0.00098EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/04 5:23 a.m.46 views

CVE-2026-49189 Broadcast Receiver Privilege Escalation

Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations...

8.5CVSS0.00098EPSS
Exploits0References1
Rows per page
Query Builder