Lucene search
K

7103 matches found

Nuclei
Nuclei
added yesterday52 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/takeaction.php?id=. id: CVE-2022-31984 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

7.2CVSS7.1AI score0.04863EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday46 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleterequest. id: CVE-2022-31976 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

9.8CVSS7.3AI score0.0716EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday34 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. id: CVE-2022-31974 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL Injectio...

7.2CVSS7.1AI score0.04903EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday40 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteinquiry. id: CVE-2022-31978 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to...

9.8CVSS7.3AI score0.0716EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday26 views

DomainMOD 4.13.0 - Cross-Site Scripting

DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...

5.4CVSS6AI score0.01331EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday37 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manageuser&id=. id: CVE-2022-31975 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: high description: | Online Fire Reporting System v1.0 is vulnerable to SQL...

7.2CVSS7.1AI score0.04863EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday47 views

Online Fire Reporting System v1.0 - SQL injection

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=deleteteam. id: CVE-2022-31977 info: name: Online Fire Reporting System v1.0 - SQL injection author: theamanrawat severity: critical description: | Online Fire Reporting System v1.0 is vulnerable to SQ...

9.8CVSS7.3AI score0.0716EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 5 days ago11 views

6 security settings every GitHub maintainer should enable this week

At GitHub Security Lab, we spend a lot of our week talking to maintainers. Some find the settings page dense and the docs sprawl. Most maintainers we talk to weren't hired to be security engineers. While this is true, ignoring a project's security settings completely will lead into leaving a lot ...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with...

7.5CVSS5.9AI score0.00359EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2026/06/26 7:32 p.m.8 views

Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more

Help shape the future of Metasploit Framework We are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they function/are presented to users. We are currently accepting responses to our feedback form, which means that you can shape the future of...

10CVSS7.3AI score0.99621EPSS
Exploits69
RedhatCVE
RedhatCVE
added 2026/06/26 7:44 a.m.9 views

CVE-2026-53165

A flaw was found in the Linux kernel's iomap subsystem. A race condition can occur during buffered read error reporting, specifically in the iomapfinishfolioread function. This allows a separate process to clear a folio's mapping while an error is being reported, leading to a null pointer...

7.5CVSS5.7AI score0.00359EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.6 views

SUSE CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS0.00359EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS5.7AI score0.00359EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53165 iomap: avoid potential null folio->mapping deref during error reporting

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS0.00359EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:38 a.m.8 views

CVE-2026-53165

CVE-2026-53165 describes a race in the Linux kernel iomap subsystem where, during buffered read error reporting, a separate in-flight read can detach a folio and set folio->mapping to NULL before an error is reported, leading to a NULL dereference of folio->mapping in fserror_report_io(). T...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53165

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS5.7AI score0.00359EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/24 4:29 p.m.8 views

Important: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...

9.8CVSS5.9AI score0.02719EPSS
Exploits18References55
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 6:0 a.m.35 views

CVE-2026-10753 Site Kit by Google < 1.176.0 - Editor+ Email Reporting Settings Update

The Site Kit by Google WordPress plugin before 1.176.0 does not properly restrict a REST API write endpoint to administrators, allowing lower-privileged users who have been granted dashboard sharing access such as Editors to modify a site-wide Site Kit by Google WordPress plugin before 1.176.0...

0.00168EPSS
Exploits0References1
Rows per page
Query Builder