Lucene search
K

513 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.10 views

CVE-2026-22676

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...

8.5CVSS5.7AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 6:21 a.m.11 views

EUVD-2026-34213

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 6:21 a.m.7 views

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 6:21 a.m.28 views

CVE-2026-49194

Technical details about CVE-2026-49194 are not publicly available in the provided documents; monitor for updates.

9.4CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the debugging routine SCREENCLICK5053, which allows connections to completely bypass standard device login prompts and directly...

9.4CVSS5.3AI score0.00232EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46152

The debugging routine SCREEN CLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS5.8AI score0.00232EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:5 a.m.8 views

xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete

...

7.8CVSS5.4AI score0.00125EPSS
Exploits1
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-45875

In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Fix regulator resource leak on wm5102clearwritesequencer failure The wm5102clearwritesequencer helper may return an error and just return, bypassing the cleanup sequence and causing regulators to remain enabled,...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

GNU LibreDWG 安全漏洞

GNU LibreDWG is a C language library for working with DWG files from the US GNU community. A security vulnerability exists in GNU LibreDWG version 0.14 and earlier versions, which stems from a heap buffer overflow in the decompressR2004section function of the src/decode.c file in the Dwgread...

5.3CVSS6.2AI score0.00154EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fixed an issue in usbnetstartxmit/usbsubmiturb. The syzbot fuzzer identified a problem with the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504;...

5.5CVSS6.1AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for accessing an uninitialized lock in the fc replay path. The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to...

5.5CVSS6.2AI score0.00221EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/14 4:16 p.m.9 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the logs and stats API actions in the RoutineViewSet process. An attacker can access another user's private workout session notes, exercise history, and training statistics by enumerating public template routin...

8.7CVSS5.8AI score0.00051EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.22 views

PT-2026-41136

Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The RoutinePermission class grants read access to any authenticated user when a routine has is...

7.5CVSS5.8AI score0.00051EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/13 3:33 p.m.14 views

wger has an Uncontrolled Resource Consumption issue

Summary Any authenticated user can create a routine spanning an arbitrarily long date range e.g. 100 years and then trigger the datesequence computation via any of the routine detail endpoints. The server iterates once per day in an unbounded while loop with no maximum duration validation, causin...

5.8AI score
Exploits0References3Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.12 views

Cybercrime and Prevention: Colonel Blotto in Social Engineering

Cybercriminals increasingly target the human factor rather than continuously advancing technological defense mechanisms. Consequently, institutions that allocate substantial resources to strengthening their cybersecurity infrastructure may remain vulnerable if a deceived employee voluntarily...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/08 3:16 p.m.12 views

UBUNTU-CVE-2026-43395

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.11 views

CVE-2026-43426

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: fix use-after-free in ISR during device removal In usbhsremove, the driver frees resources including the pipe array while the interrupt handler usbhsinterrupt is still registered. If an interrupt fires after...

7.8CVSS5.7AI score0.00126EPSS
Exploits0
NVD
NVD
added 2026/05/06 12:16 p.m.7 views

CVE-2026-43122

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00121EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.17 views

PT-2026-37596

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds memory access occurs in the vfe isr reg update function. The vfe isr function uses MSM VFE IMAGE MASTERS NUM 7 as a loop bound and passes the resulting index to vfe isr...

7.8CVSS6.3AI score0.00129EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.8 views

CVE-2026-31756

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be held since it does spinunlock/spinlock around the gadget driver...

5.5CVSS5.7AI score0.00095EPSS
Exploits0
Rows per page
Query Builder