Lucene search
K

345 matches found

Patchstack
Patchstack
added 5 days ago5 views

WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...

5.3CVSS5.8AI score0.00228EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rapidio: A check for rioaddnet has been added in rioscanallocnet. The return value of rioaddnet should be checked. If it fails, putdevice should be called to free the memory and release the references initialized during rioaddnet...

5.5CVSS6.1AI score0.00185EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/fslrio: The refcount leak in fslriosetup has been fixed. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodeput...

5.5CVSS5.4AI score0.00241EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...

5.3AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: rapidio: Fix an API misuse when rioaddnet fails. rioaddnet calls deviceregister, and it fails when deviceregister does. Therefore, putdevice should be used instead of kfree. Also, add "mport-net = NULL;" to avoid a...

7.8CVSS6.7AI score0.00189EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/12 11:14 a.m.9 views

WordPress BookPro plugin <= 1.1.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO in WordPress Plugin BookPro versions = 1.1.0...

8.6CVSS5.3AI score0.0054EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/01 9:38 a.m.8 views

WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability

Account Takeover vulnerability discovered by Phat RiO in WordPress Plugin Booknetic versions = 4.8.5...

8.1CVSS5.8AI score0.00322EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 8:55 a.m.11 views

WordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Phat RiO in WordPress Plugin Paid Videochat Turnkey Site versions = 7.3.23...

8.1CVSS5.8AI score0.00317EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/28 8:54 a.m.10 views

WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Ticket Management System versions = 1.9...

9.8CVSS5.8AI score0.0045EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/25 10:40 p.m.10 views

WordPress NanoCare theme < 1.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Theme NanoCare versions 1.2.2...

5.4CVSS5.8AI score0.00223EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/25 9:50 p.m.9 views

WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin B2BKing versions 5.2.10...

4.9CVSS5.8AI score0.00254EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/20 12:36 p.m.7 views

WordPress PowerPress Podcasting plugin <= 11.15.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO in WordPress Plugin PowerPress Podcasting versions = 11.15.10...

5.9AI score0.00253EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/05/14 10:33 a.m.14 views

WordPress InfusedWoo Pro plugin <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation vulnerability

Authenticated Subscriber+ Missing Authorization to Privilege Escalation vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin InfusedWoo Pro versions = 5.1.2...

8.8CVSS5.8AI score0.0029EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28565

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

5.8AI score0.00123EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/05/08 2:16 p.m.8 views

CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References10
OSV
OSV
added 2026/05/08 2:16 p.m.5 views

UBUNTU-CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/08 1:11 p.m.28 views

CVE-2026-43295 rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

0.00123EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the idtab allocation function in the rioscanallocnet function. This failure leads ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-38937

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rio scan alloc net function where rio free net was used instead of kfree during a failure in idtab allocation. Because the net is not yet registered with rio add n...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
Rows per page
Query Builder