Lucene search
K

453 matches found

NVD
NVD
added yesterday4 views

CVE-2026-12396

The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level self-registerable account to approve, feature, or reject arbitrary jobs, including those owned by other user...

5.4CVSS0.00132EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 4 days ago5 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2595)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Input: alps - fix use-after-free bugs caused by dev3registerworkCVE-2025-68822 ext4: reject mount if bigalloc with sfirstdatablock !=...

9.8CVSS6.9AI score0.0138EPSS
Exploits15References167
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.22 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50372)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50372 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Rajat Gupta CVE-2026-46331 - eventpoll: fix epremove struct eventpoll / struc...

9.8CVSS7AI score0.96267EPSS
Exploits326References820
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:18 a.m.8 views

IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN

...

9.8CVSS5.8AI score0.00742EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:17 a.m.7 views

Bluetooth: bnep: reject short frames before parsing

...

7.1CVSS5.8AI score0.00274EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53208

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 10:14 p.m.11 views

EUVD-2026-31390

golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys...

9.1CVSS5.8AI score0.00525EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 1:16 p.m.30 views

CVE-2026-42389 Reject more queries with invalid header values

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS0.00175EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53208

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53267 netfilter: nft_ct: bail out on template ct in get eval

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS5.6AI score0.00114EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:53 p.m.3 views

CVE-2026-54911

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.13.0, ujson.dumps or ujson.dump or ujson.encode have a rejectbytes=False option. When set, they may accept malformed or truncated UTF-8 byte sequences, silently rewriting them into different...

6.5CVSS5.9AI score0.00272EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.8 views

UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()

Summary ujson.dumps or ujson.dump or ujson.encode have a rejectbytes=False option. When set, they may accept malformed or truncated UTF-8 byte sequences, silently rewriting them into different Unicode characters instead of rejecting them. This leads to input validation bypass and data integrity...

6.5CVSS5.7AI score0.00272EPSS
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.9 views

Don't Trust Us: A Privacy-By-Design Android Malware Detection Pipeline

Android malware detection increasingly relies on collecting and processing sensitive user data, including device identifiers, network artifacts, and runtime traces, while privacy is too often treated as a secondary concern. Existing privacy-aware approaches typically enforce privacy after data...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS0.00129EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:9 a.m.11 views

slip: reject VJ receive packets on instances with no rstate array

...

5.5CVSS5.4AI score0.00114EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:6 a.m.9 views

crypto: authencesn - reject short ahash digests during instance creation

...

7.3CVSS5.4AI score0.00129EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/05/28 12:0 a.m.21 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS5.5AI score0.00514EPSS
Exploits0References40
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.12 views

CVE-2026-45841

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO nfosfmatchone computes ctx-window % f-wss.val in the OSFWSSMODULO branch with no guard for f-wss.val == 0. A CAPNETADMIN user can add such a fingerprint via nfnetlink; a...

5.7AI score0.00114EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder