Lucene search
K

1795 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2025-210470

A null pointer dereference vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, affecting the ReadRevisionAttribute function used in multiple clusters Channel, Account Login, TargetNavigator, etc.. The function lacks proper validation of the delegate pointer before dereferencing. ...

7.5CVSS6AI score0.00211EPSS
Exploits0References3
NVD
NVD
added 2 days ago8 views

CVE-2025-56363

A null pointer dereference vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, affecting the ReadRevisionAttribute function used in multiple clusters Channel, Account Login, TargetNavigator, etc.. The function lacks proper validation of the delegate pointer before dereferencing. ...

7.5CVSS0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2025-56363

A null pointer dereference vulnerability exists in the Matter SDK connectedhomeip before 1.4.0, affecting the ReadRevisionAttribute function used in multiple clusters Channel, Account Login, TargetNavigator, etc.. The function lacks proper validation of the delegate pointer before dereferencing. ...

0.00211EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-59828

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References10Affected Software1
OSV
OSV
added last week2 views

CVE-2026-59828 Discourse: Hidden post revisions leak through adjacent visible diffs

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0,...

5.3CVSS6.1AI score0.00314EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.5 views

PT-2026-57004

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2026.6.0 Discourse versions prior to 2026.5.1 Discourse versions prior to 2026.4.2 Discourse versions prior to 2026.1.5 Description Post revisions intended to be hidden from regular users may be leaked through visib...

5.3CVSS6.1AI score0.00314EPSS
Exploits0References17
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2026-58025

Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php. This issue affects MediaWiki: from before 1.46.0, 1.45.4,...

9.8CVSS0.00503EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 3:23 p.m.18 views

CVE-2026-58025

CVE-2026-58025 describes a deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki (affected components: includes/Import/WikiImporter.php, includes/Import/WikiRevision.php, includes/Logging/LogEntryBase.php) that affects MediaWiki releases prior to 1.46.0, including 1.45...

9.8CVSS5.8AI score0.00503EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/29 4:39 a.m.10 views

CVE-2026-47155

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. The revision pinning controls in vLLM do not consistently apply to all artifacts loaded for a model. This allows a deployment configured with specific revisions to still load dynamic code or other...

6.5CVSS5.8AI score0.00146EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5272 Tekton Pipeline: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE in github.com/tektoncd/pipeline

Tekton Pipeline: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE in github.com/tektoncd/pipeline...

8.5CVSS5.8AI score0.00788EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fixed the issue where the PF driver crashed during kexec kernel booting. During a kexec reboot, the hardware is not power-cycle, so the AF state from the old kernel can persist into the new kernel. When the AF and P...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 2:17 p.m.9 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS0.00216EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 2:17 p.m.3 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.36 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

0.00216EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 1:20 p.m.10 views

EUVD-2026-38766

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 1:20 p.m.15 views

CVE-2026-57286

CVE-2026-57286 describes a missing permission check in the Jenkins Git Parameter Plugin (462.vdcf3df2ed2ca_ and earlier). This allows users with Item/Read permission to obtain information about the SCM repository used by a job (e.g., branch names, tag names, and revision metadata). The impact is ...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.7 views

CVE-2026-57286

A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...

4.3CVSS5.9AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Rejects the reuse of ALARM timer labels in revision 0 rules. In revision 0 rules, reusing timers by label always involves calling modtimer on the uninitialized timer-timer. If the label was created first i...

7.8CVSS6.1AI score0.00128EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 11:16 p.m.11 views

CVE-2026-47155

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image...

6.5CVSS0.00146EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 10:20 p.m.5 views

CVE-2026-47155 vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image...

6.5CVSS6AI score0.00146EPSS
Exploits0References6
Rows per page
Query Builder