Lucene search
K

531 matches found

NVD
NVD
added 2026/07/07 6:16 a.m.9 views

CVE-2026-10834

The WP Travel Engine WordPress plugin before 6.8.1 does not properly validate the source of a user-supplied profile image path before moving the file, allowing authenticated users with subscriber-level access and above to relocate arbitrary files within the WordPress uploads directory into their...

4.6CVSS0.00142EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 2:15 p.m.5 views

CVE-2026-13574

A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on th...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/27 12:10 a.m.10 views

OSV-2026-973 Heap-buffer-overflow in bfd_getl16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528056360 Crash type: Heap-buffer-overflow READ 1 Crash state: bfdgetl16 m32relfgenericreloc bfdperformrelocation...

5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 3:50 p.m.29 views

CVE-2026-45233 HTMLy CMS 3.1.1 Path Traversal via oldfile Parameter in Autosave

HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...

8.1CVSS0.00567EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 3:50 p.m.4 views

EUVD-2026-39459

HTMLy CMS through 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint. Attackers can pass unsanitized traversal sequences...

8.1CVSS6AI score0.00567EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:28 p.m.1 views

CVE-2026-52955 libceph: Fix potential out-of-bounds access in crush_decode()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

9.8CVSS5.8AI score0.00377EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: MIPS: Workaround for LLVM bugs when gp is used as a global register variable. On MIPS, currentthreadinfo is defined as a global register variable located in $gp, and it is simply reassigned during the kernel relocation. However,...

7.3CVSS6AI score0.00128EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.12 views

SUSE CVE-2026-46250

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

7.3CVSS5.8AI score0.00128EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is...

7.3CVSS6.9AI score0.00128EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/03 8:12 p.m.10 views

CVE-2026-46250

A flaw was found in the Linux kernel, specifically affecting the MIPS architecture when compiled with LLVM. This vulnerability occurs because LLVM incorrectly restores the $gp register, which is used as a global register variable, after it has been intentionally modified during kernel relocation...

7.3CVSS5.7AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/06/03 6:16 p.m.15 views

CVE-2026-46250

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

7.3CVSS0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:49 p.m.6 views

CVE-2026-46250

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

5.7AI score0.00128EPSS
Exploits0References9
CVE
CVE
added 2026/06/03 3:49 p.m.36 views

CVE-2026-46250

The CVE-2026-46250 entries describe a Linux kernel issue on MIPS where LLVM erroneously restores the global gp register when it is used as a global register variable (__current_thread_info), causing the gp pointer to point to the unrelocated kernel after relocate_kernel. This leads to a crash dur...

7.3CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/03 3:49 p.m.43 views

CVE-2026-46250 MIPS: Work around LLVM bug when gp is used as global register variable

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

7.3CVSS0.00128EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/03 3:49 p.m.26 views

EUVD-2026-34112

In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, currentthreadinfo is defined as global register variable locating in $gp, and is simply assigned with new address during kernel relocation. This...

5.8AI score0.00128EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...

7.3CVSS5.3AI score0.00128EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-46013

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On MIPS architecture, the current thread info is defined as a global register variable located in $gp and is assigned a new address during kernel relocation. A bug in LLVM causes it to...

7.3CVSS5.1AI score0.00128EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:12 a.m.12 views

drm/nouveau: fix u32 overflow in pushbuf reloc bounds check

...

7.8CVSS5.4AI score0.00143EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.15 views

SUSE CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 9:14 p.m.12 views

CVE-2026-46006

A flaw was found in the Linux kernel's drm/nouveau driver. An integer overflow vulnerability exists in the nouveaugempushbufrelocapply function. This occurs when a 32-bit unsigned integer relocbooffset is used in a bounds check, and the addition of a small value can cause it to wrap around, leadi...

7.8CVSS6AI score0.00143EPSS
Exploits0References4
Rows per page
Query Builder