Lucene search
K

3091 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-7620

The Notification for Telegram plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.5.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS0.00272EPSS
Exploits0References11
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43131

The Notification for Telegram plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.5.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS6AI score0.00272EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 5 days ago5 views

kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

7.5CVSS5.8AI score0.00151EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 5 days ago5 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS6.2AI score0.00176EPSS
Exploits3References5
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42178

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin through 1.1.28 does not validate data before passing it to a PHP deserialization function, allowing unauthenticated attackers to inject arbitrary PHP objects; where a suitable gadget chain is present on the site this c...

8.1CVSS6.2AI score0.00389EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 6:31 a.m.6 views

OESA-2026-2870 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using...

7.8CVSS5.9AI score0.00321EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.22 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50372)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50372 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Rajat Gupta CVE-2026-46331 - eventpoll: fix epremove struct eventpoll / struc...

9.8CVSS7AI score0.96267EPSS
Exploits326References820
Oracle linux
Oracle linux
added 2026/07/03 12:0 a.m.9 views

Unbreakable Enterprise kernel security update

5.15.0-322.203.3.2 - KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level Sean Christopherson Orabug: 39673886 - KVM: x86: Fix shadow paging use-after-free due to unexpected role Paolo Bonzini Orabug: 39673886 - KVM: x86: Fix shadow paging use-after-free due to unexpected...

9.8CVSS7.3AI score0.0053EPSS
Exploits14
OSV
OSV
added 2026/07/02 3:17 p.m.4 views

UBUNTU-CVE-2026-53358

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: use chan timer to close channels in cleanuplisten l2capchanclose removes the channel from conn-chanl, which must be done under conn-lock. cleanuplisten runs under the parent sklock, so acquiring conn-lock would...

5.8AI score0.00165EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53328

In the Linux kernel, the following vulnerability has been resolved: schedext: Don't warn on NULL cgrpmovingfrom in scxcgroupmovetask A WARN fires when systemd's user manager writes "+cpu +memory +pids" to its own subtreecontrol while a schedext scheduler is loaded: WARNING: at...

5.7AI score0.00168EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40794

Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.0028EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-14107

Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS0.0028EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14107

Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14107

CVE-2026-14107 describes a use-after-free in Chrome’s Scheduling component, exploitable via a crafted HTML page to achieve remote code execution inside the sandbox. Affected software: Google Chrome, versions before 150.0.7871.47. Root cause: use-after-free in scheduling logic (Chromium). Impact: ...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.29 views

CVE-2026-14107

Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

0.0028EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54382

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in the Scheduling component allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to visit a specially crafted HTML page. Use...

9.8CVSS6.4AI score0.00413EPSS
Exploits0References447
OSV
OSV
added 2026/06/29 12:0 a.m.9 views

ALSA-2026:30848 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kernel: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach CVE-2026-43038 kernel: netfilter: flowtabl...

9.8CVSS6.4AI score0.00465EPSS
Exploits0References18
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:17 a.m.2 views

net/sched: netem: fix queue limit check to include reordered packets

...

5.5CVSS6.1AI score0.00184EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.5 views

CVE-2026-53011

A flaw was found in the Linux kernel's networking scheduler, specifically within the taprio module. When the system attempts to switch schedules, a use-after-free vulnerability occurs in the advancesched function. This happens because a pointer to an old schedule entry is still used after the...

7.8CVSS6AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 11:39 a.m.3 views

SUSE-SU-2026:22475-1 Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-45.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References12
Rows per page
Query Builder