Lucene search
K

2730 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.12 views

SUSE CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

6.1CVSS5.8AI score0.00164EPSS
Exploits0References16
EUVD
EUVD
added 2026/05/28 12:30 a.m.14 views

EUVD-2026-32678

The Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the sendtestemail function in all versions up to, and including, 3.4.7. This makes it possible for authenticated...

4.3CVSS5.9AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44367

Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.53.0 Apache ActiveMQ Artemis versions 2.0.0 through 2.44.0 Description An issue exists where an application using the STOMP Simple Text Oriented Messaging Protocol protocol can augment the routing-type ...

4.3CVSS5.8AI score0.00372EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Apache ActiveMQ和Apache ActiveMQ Artemis 安全漏洞

Apache ActiveMQ and Apache ActiveMQ Artemis are both products of the Apache Foundation in the United States. Apache ActiveMQ is an open-source messaging middleware that supports Java Message Service, clustering, Spring Framework, etc. Apache ActiveMQ Artemis is a high-performance open-source...

4.3CVSS5.8AI score0.00372EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32322

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

5.8AI score0.00164EPSS
Exploits0References9
NVD
NVD
added 2026/05/27 2:16 p.m.12 views

CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

7.1CVSS0.00164EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:16 p.m.8 views

UBUNTU-CVE-2026-45856

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

5.8AI score0.00126EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/27 12:15 p.m.30 views

CVE-2026-45856

The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/27 10:58 a.m.11 views

SUSE CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

8.1CVSS5.8AI score0.01452EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/27 5:16 a.m.19 views

CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 5:16 a.m.18 views

UBUNTU-CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References7
CVE
CVE
added 2026/05/27 4:22 a.m.116 views

CVE-2026-8450

CVE-2026-8450 affects HTTP::Daemon before 6.17 (Perl). The vulnerability allows OS command execution via the send_file() function, which opens its string argument with Perl’s 2-arg open(). The 2-arg form supports magic prefixes: “| cmd” and “cmd |” to pipe to a subprocess, and “> path”/“>&g...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/05/27 4:22 a.m.11 views

CVE-2026-8450 HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file()

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

5.8AI score0.01452EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 2:47 a.m.11 views

SUSE CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43494

Name of the Vulnerable Software and Affected Versions HTTP::Daemon versions prior to 6.17 Description OS command injection is possible through the send file function. This occurs because send file utilizes Perl's 2-arg open function, which interprets magic prefixes. Specifically, prefixes like '|...

9.1CVSS5.8AI score0.01452EPSS
Exploits0References38
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RDMA uverbs module not verifying the wqesize value in the ibuverbspostsend function. This cou...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ib uverbs post send function uses the wqe size variable from userspace without validation before passing it to kmalloc. If a small value is provided for wqe size, the system may...

7.1CVSS5.4AI score0.00164EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.10 views

CVE-2026-45856

RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend...

7.1CVSS5.8AI score0.00164EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 5:16 p.m.17 views

CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.5CVSS0.00122EPSS
Exploits0References8
Rows per page
Query Builder