Lucene search
+L

441 matches found

Nuclei
Nuclei
added 3 days ago369 views

Qlik Sense Enterprise - HTTP Request Smuggling

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

9.9CVSS7.1AI score0.84967EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value...

9.1CVSS6.1AI score0.00544EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:16 a.m.9 views

RDMA/srp: bound SRP_RSP sense copy by the received length

...

9.1CVSS5.8AI score0.00544EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS6AI score0.00544EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS0.00544EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS5.9AI score0.00544EPSS
Exploits0References11
CVE
CVE
added 2026/06/25 8:38 a.m.22 views

CVE-2026-53186

CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...

9.1CVSS6AI score0.00544EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39277

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

6AI score0.00544EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.35 views

CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS0.00544EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.8 views

CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

5.9AI score0.00544EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS6AI score0.00544EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52282

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/srp component where the srp process rsp function copies sense data from a source offset determined by resp data len without verifying it against the actual...

9.1CVSS5.9AI score0.00544EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2026/06/06 2:28 a.m.9 views

CVE-2026-9280

The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and including, 2.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.7AI score0.00225EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

An “off-by-one” error was detected in the SCSI device emulation in QEMU. This error could occur during the processing of MODE SELECT commands in modesensepage, if the ‘page’ argument is set to MODEPAGEALLS 0x3f. A malicious guest could exploit this flaw to potentially cause QEMU to crash, resulti...

6.5CVSS6.7AI score0.00338EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.15 views

Not What You Asked For: Typographic Attacks in Household Robot Manipulation

Open-vocabulary embodied AI agents increasingly rely on vision-language models such as CLIP for object perception and task grounding. However, the shared embedding space that enables this flexibility introduces a structural vulnerability to typographic attacks, where printed text in a physical...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/24 12:16 a.m.9 views

CVE-2026-25720

A vulnerability exists in SenseLive X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods without requiring re-authentication. An attacker with access to a previously authenticated session could continu...

6.9CVSS0.00283EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013396 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS6.3AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013452)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013452 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS6.5AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.14 views

Unity Linux 20.1050a / 20.1060a Security Update: kernel (UTSA-2026-013389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013389 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS7AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007301 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS6.5AI score0.00196EPSS
Exploits0References3
Rows per page
Query Builder