Lucene search
K

533 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in zlib

Zlib before version 1.3.2 allowed CPU consumption through crc32combine64 and crc32combinegen64, because x2nmodp could perform right shifts within a loop without a termination condition...

5.5CVSS6.2AI score0.00204EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.6 views

EUVD-2026-37653

Unauthenticated Local File Inclusion in Right Way = 4.0 versions...

8.1CVSS5.2AI score0.00363EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.15 views

CVE-2026-22330

Unauthenticated Local File Inclusion in Right Way = 4.0 versions...

8.1CVSS0.00363EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 9:50 a.m.10 views

CVE-2026-22330

CVE-2026-22330 describes an Unauthenticated Local File Inclusion vulnerability in the WordPress theme Right Way (version ≤ 4.0). The Patchstack entry and CVE listing confirm the flaw exists in this theme and is currently described as unpatched within the dataset. The CVSS/metrics indicate a high-...

8.1CVSS5.2AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.32 views

CVE-2026-22330 WordPress Right Way theme <= 4.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Right Way = 4.0 versions...

8.1CVSS0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-6246

The Simple Random Posts Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'containerrightwidth' attribute of the 'simplerandomposts' shortcode in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.7AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 3:16 p.m.13 views

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.4CVSS0.00199EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:5 p.m.9 views

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.8AI score0.00199EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/25 2:5 p.m.8 views

CVE-2026-9078 Firefox iOS RTL Domain Rendering Issue in Link Preview

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.8AI score0.00199EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/25 2:5 p.m.11 views

EUVD-2026-31693

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.8AI score0.00199EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/25 2:5 p.m.18 views

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

5.4CVSS5.8AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS prior to version 151.1, which stems from the incorrect display of specially crafted right-to-left domain names and internationalized...

5.4CVSS5.7AI score0.00199EPSS
Exploits0References3
Mozilla
Mozilla
added 2026/05/25 12:0 a.m.22 views

Security Vulnerabilities fixed in Firefox for iOS 151.1 — Mozilla

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins...

5.4CVSS5.8AI score0.00199EPSS
Exploits0References1Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes races with unixstreamreadgeneric. The safest...

4.7CVSS6.1AI score0.00795EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Vim

A heap-based buffer overflow exists in Vim/vim 9.0.0946 and earlier, as it allows an attacker to use CTRL-W gf in the expression used in the right-hand side of the substitute command...

7.8CVSS7.4AI score0.00423EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a shift-out-of-bounds/overflow issue in nilfssb2badoffset. The patch series “nilfs2: Fix UBSAN shift-out-of-bounds warnings during mount time” addresses this issue. The first patch fixes a bug reported by syzbot,...

7.1CVSS6.4AI score0.00155EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/19 7:50 p.m.11 views

OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Summary The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling directories.TryGetSiblingchild, siblingType, validateColor. A crafted CFB file with cyclic Left/Right sibling links among directory entries -...

5.9AI score0.00017EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/13 3:37 a.m.10 views

SUSE CVE-2026-42050

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References10
NVD
NVD
added 2026/05/11 8:25 p.m.10 views

CVE-2026-42050

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

5.5CVSS0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-21 and 6.9.13-46 contained security vulnerabilities. These vulnerabilities were due ...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References1
Rows per page
Query Builder