Lucene search
K

87 matches found

EUVD
EUVD
added 2026/06/24 7:14 a.m.12 views

EUVD-2026-38729

In the Linux kernel, the following vulnerability has been resolved: batman-adv: clear current gateway during teardown batadvgwnodefree removes the gateway list entries during mesh teardown, but it does not clear the currently selected gateway. This leaves stale gateway state behind across cleanup...

5.7AI score0.00114EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51719

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv gw node free function removes gateway list entries during mesh teardown but fails to clear the currently selected gateway. This...

6AI score0.00114EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-52926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: clear current gateway during teardown batadvgwnodefree removes the gateway list entries during mesh teardown, but it does not clear the currently...

5.5CVSS6AI score0.00114EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.8 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.4AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 2:22 p.m.8 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5CVSS6AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:16 p.m.8 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5CVSS0.00374EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 12:0 a.m.19 views

CVE-2026-31243

The CVE-2026-31243 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint lacks authentication/authorization controls. An unauthenticated attacker can trigger a memory reset that executes a CREATE TABLE SQL statement, potentially re-creating or altering schemas, causing data lo...

6.5CVSS6AI score0.00374EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.16 views

PT-2026-40320

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6AI score0.00374EPSS
Exploits0References3
OSV
OSV
added 2026/05/12 12:0 a.m.3 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5CVSS6.2AI score0.00374EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/08 7:44 a.m.8 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1CVSS5.8AI score0.00356EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/08 7:44 a.m.10 views

CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

5.8AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/24 10:24 p.m.5 views

CVE-2026-31662

A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC protocol. An attacker can exploit an integer underflow vulnerability by sending duplicate group acknowledgment messages GRPACKMSG. This causes the bcackers counter to wrap around, leading to persistent network...

7.5CVSS5.4AI score0.00389EPSS
Exploits0References4
OSV
OSV
added 2026/04/24 3:16 p.m.8 views

DEBIAN-CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

7.5CVSS5.3AI score0.00389EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/04/22 11:53 a.m.10 views

Researcher claims Claude Desktop installs “spyware” on macOS

Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two sides, so we searched for an official rebuttal by Anthropic. But we couldn’t find one. It would surprise me very much if they’d...

6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

7.8CVSS6AI score0.00309EPSS
Exploits1References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.7 views

PT-2026-29439

Name of the Vulnerable Software and Affected Versions Multiple / Unspecified Products affected versions not specified Description The application's list box calculate array logic retains outdated references to page or form objects after their deletion or recreation. This allows specially crafted...

7.8CVSS5.9AI score0.00309EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2026/02/26 12:27 a.m.4 views

SUSE CVE-2026-21725

A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

3.7CVSS5.8AI score0.00175EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/25 1:16 p.m.3 views

CVE-2026-21725

A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6CVSS5.8AI score0.00175EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 1:16 p.m.10 views

UBUNTU-CVE-2026-21725

A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6CVSS5.8AI score0.00175EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/02/25 12:35 p.m.3 views

CVE-2026-21725

A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6CVSS5.5AI score0.00175EPSS
Exploits0References1
Rows per page
Query Builder