Lucene search
K

82149 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.6 views

openSUSE 16 Security Update : ghostscript (openSUSE-SU-2026:20592-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20592-1 advisory. Update to version 10.06.0. Security issues fixed: - CVE-2025-59800: an integer overflow can lead to a heap-based buffer overflow in ocrline8...

5.5CVSS6.2AI score0.00276EPSS
Exploits0References18
EUVD
EUVD
added 2026/04/22 9:31 p.m.8 views

EUVD-2026-22911

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...

6.1CVSS5.8AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 6:31 p.m.8 views

EUVD-2026-24981

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

6.7CVSS5.8AI score0.00184EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.5 views

uutils coreutils has a Path Traversal issue

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

5.6CVSS5.6AI score0.00165EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/22 5:16 p.m.6 views

UBUNTU-CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS5.8AI score0.00184EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:8 p.m.3 views

CVE-2026-35363

A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or...

5.6CVSS6AI score0.00165EPSS
Exploits1References2
CVE
CVE
added 2026/04/22 4:8 p.m.11 views

CVE-2026-35361

The CVE-2026-35361 issue affects the mknod utility in uutils coreutils. It describes non-atomic handling of security labels for created device nodes: mknod creates the nodes before applying the SELinux context, and on labeling failure attempts cleanup via std::fs::remove_dir, which cannot remove ...

4.4CVSS5.8AI score0.00142EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/22 3:31 p.m.8 views

EUVD-2026-24857

In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...

5.6AI score0.00129EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24757

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group spaceinfo When createspaceinfosubgroup allocates elements of spaceinfo-subgroup, kobjectinitandadd is called for each element via btrfssysfsaddspaceinfotype. However, when...

5.6AI score0.00123EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 3:3 p.m.11 views

Malicious code in @stlm/common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 524e7ff666da99814e99aa71977173170ff4d7d51c5730a30bf0375665f89582 The package @stlm/common-ui was found to contain malicious code. Source: ghsa-malware 2d6d7ee043c22bf0b8caf216d27b99ca30f22667d60e5d1d0c76178c5808ae5...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 2:49 p.m.11 views

Malicious code in sparkling-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a51b8dc4e5a69bd2a09d2bb1c705963de6b9513ff871237d21a5f6641abc0ac The package sparkling-sdk was found to contain malicious code. Source: ghsa-malware b0457cea0504e91fd51a3802d694a20e91fab0bf48731ae4a18c484eab349202...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 2:49 p.m.10 views

MAL-2026-2995 Malicious code in color-studio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d197fd4183100bf9c61d06d5f63aea39f8b61429628f3a13522d8b511a0482bb The package color-studio was found to contain malicious code. Source: ghsa-malware 3ea22c97ba975ced2d26e899fe9ac900d3e1df68314536f95416cf2b03b65472 A...

5.7AI score
Exploits0References1
NVD
NVD
added 2026/04/22 2:16 p.m.3 views

CVE-2026-31489

In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...

7.8CVSS0.00129EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 2:1 p.m.7 views

Malicious code in @openwebconcept/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 2:1 p.m.9 views

MAL-2026-2993 Malicious code in @openwebconcept/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 1:59 p.m.13 views

Malicious code in @openwebconcept/theme-owc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba9da7f58491c9c4715c34da32da8f4a9d1519075412a9be534d19e6e07466e2 The package @openwebconcept/theme-owc was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 1:58 p.m.12 views

MAL-2026-2992 Malicious code in @automagik/genie (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6e7702eae0e8ff480f6f47624128cb3bf2ad5934d6c6a9a5481f3ac424db40 The package @automagik/genie was found to contain malicious code. Source: ghsa-malware 00207299cc0b9ee634f5850f194f399c6164fd4621989a43f8e5f9353d3707...

5.7AI score
Exploits0References1
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.34 views

CVE-2026-31489 spi: meson-spicc: Fix double-put in remove path

In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...

0.00129EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 1:51 p.m.14 views

Malicious code in pgserve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 1:51 p.m.11 views

MAL-2026-2991 Malicious code in pgserve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...

5.7AI score
Exploits0References1
Rows per page
Query Builder