Lucene search
K

3335 matches found

Cvelist
Cvelist
added 2026/06/18 1:47 p.m.17 views

CVE-2026-42488 x86: mismatched mapcache metadata

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

0.00353EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 1:47 p.m.32 views

CVE-2026-42488

CVE-2026-42488 concerns the Xen hypervisor. Some shadow paging error paths can switch page-tables without updating the running vCPU reference, causing a mismatch between loaded page-tables and mapcache metadata and potentially leading to mapcache corruption. Affected products/versions are implied...

8.1CVSS5.3AI score0.00353EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.11 views

PT-2026-50775

Name of the Vulnerable Software and Affected Versions bpm-release versions prior to v1.4.30 Description A container-to-host privilege escalation exists where the setupBpmLogs function follows symlinks for bpm.log during open and chown operations. A compromised process within a bpm container can...

6.9CVSS6.1AI score0.00125EPSS
Exploits0References5
Cloud Foundry
Cloud Foundry
added 2026/06/18 12:0 a.m.6 views

CVE-2026-47833 - Symlink vulnerability in setupBpmLogs allows container-to-host privilege escalation via /etc/shadow | Cloud Foundry

Medium CVSS score: 6.8 Medium CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/S:U/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N Vendor Cloud Foundry Foundation Versions Affected Severity is Medium unless otherwise noted. bpm-release – All versions prior to v1.4.30 Description setupBpmLogs follows symlink for bpm.log open and...

6.9CVSS5.6AI score0.00125EPSS
Exploits0
Metasploit
Metasploit
added 2026/06/17 7:3 p.m.173 views

NTLM Relay to Self (HTTP to LDAP) - Post Exploitation

This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then triggers the WebClient service via an ETW event allowing a low-privilege user to start it, and coerces the local machine account to authenticate via...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/06/16 7:2 p.m.170 views

Linux Kernel __ptrace_may_access() Exit Race chage File Disclosure

This module exploits a race condition in the Linux kernel doexit teardown path affecting ptracemayaccess. During process termination, privileged file descriptors may remain accessible through pidfdgetfd after task-mm becomes NULL, allowing sensitive file disclosure from privileged SUID binaries...

7.8CVSS6.5AI score0.0138EPSS
Exploits6
OSV
OSV
added 2026/06/15 8:1 p.m.11 views

GHSA-RP9W-3FW7-7CWQ DOMPurify IN_PLACE Sanitization Bypass via Attached Shadow Root Inside <template>.content

If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: URL, even a full script -...

5.1CVSS5.2AI score0.00038EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:1 p.m.9 views

DOMPurify IN_PLACE Sanitization Bypass via Attached Shadow Root Inside <template>.content

If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: URL, even a full script -...

5.2AI score0.00038EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/15 7:56 p.m.16 views

DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks

Cross-realm INPLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...

5.8AI score0.00055EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/15 5:27 p.m.9 views

NPM: protobufjs : Schema-derived names can shadow runtime-significant properties

NPM: protobufjs : Schema-derived names can shadow runtime-significant properties vulnerability discovered by ? in WordPress Npm protobufjs-cli versions = 1.3.2...

5.3CVSS5.8AI score0.00238EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49559

If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: URL, even a full script -...

5.1CVSS5.1AI score0.00038EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.12 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2383-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2383-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.00563EPSS
Exploits5References40
NVD
NVD
added 2026/06/12 8:16 p.m.10 views

CVE-2026-54361

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

8.8CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 7:59 p.m.30 views

CVE-2026-54361

CVE-2026-54361 affects MISP and stems from mass assignment flaws in collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should be server-controlled (e.g., id, org_id, orgc_id, user_id), enabling an authenticated att...

8.8CVSS5.2AI score0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 7:59 p.m.8 views

CVE-2026-54361 MISP mass assignment vulnerabilities allow unauthorized modification of ownership and delegation records

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

8.8CVSS5.1AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 7:59 p.m.32 views

CVE-2026-54361 MISP mass assignment vulnerabilities allow unauthorized modification of ownership and delegation records

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

8.8CVSS0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 7:59 p.m.9 views

EUVD-2026-36554

MISP contained multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. Several controller actions accepted user-supplied fields that should have remained server-controlled, including record identifiers and ownership-relat...

8.8CVSS5.2AI score0.00262EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48973

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description Multiple mass assignment issues exist in the handling of collections, tag collections, event delegations, and shadow attributes. Certain controller actions accept user-supplied fields that shoul...

8.8CVSS5.3AI score0.00262EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.25 views

Xen: x86 Mismatched Mapcache Metadata (XSA-494)

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. This can result in privilege escalation, Denial of Servi...

8.1CVSS5.9AI score0.00353EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:19 a.m.11 views

Malicious code in chai-as-victimed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b60cf728d4e2f5932f37d3e420649f6facc08959a8380a4724ec9e885b88754 Package name impersonates chai-as-promised but ships a remote-code dropper. lib/caller.js base64-decodes a hardcoded URL pointing to...

6.5AI score
Exploits0References1
Rows per page
Query Builder