Lucene search
K

100 matches found

Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.12 views

PT-2026-51255

Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description Command injection is possible via the POST Request Handler component. A remote attacker can exploit this by manipulating the interface argument within the stainfo function of the '/goform/stainfo'...

6.5CVSS6.7AI score0.01182EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2026/06/01 3:30 a.m.10 views

CVE-2026-10220 NousResearch hermes-agent skills_tool.py skill_view injection

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent inheritance of LOGSUBDOMAINSOFF in landlock. This vulnerability may cause subprocesses to...

5.8AI score0.00118EPSS
Exploits0References3
NVD
NVD
added 2026/05/26 4:16 a.m.17 views

CVE-2026-9523

A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument...

7.5CVSS0.0033EPSS
Exploits0References4
Talos Blog
Talos Blog
added 2026/05/07 6:0 p.m.12 views

Unplug your way to better code

Welcome to this week's edition of the Threat Source newsletter. Hey, you. Yeah, you! The person endlessly scrolling or typing away at their computer. Did you touch grass today? It's just an expression, but if nature's your thing, that works just fine. What I do mean is that due to the nature of t...

5.9AI score
Exploits0
NVD
NVD
added 2026/05/03 10:16 a.m.12 views

CVE-2026-7688

A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endpoint. The manipulation of the argument fields leads to sql injection. The attack is possible to be...

5CVSS0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013832 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer...

4.7CVSS6.9AI score0.00118EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010892)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010892 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer...

4.7CVSS6.5AI score0.00118EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/01 10:58 a.m.5 views

CVE-2026-5183

A vulnerability was determined in TRENDnet TEW-713RE up to 1.02. The affected element is the function sub421494 of the file /goform/addRouting. Executing a manipulation of the argument dest can lead to command injection. It is possible to launch the attack remotely. The exploit has been publicly...

6.5CVSS6.3AI score0.05126EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 7:10 a.m.2 views

BIT-DISCOURSE-2026-30888 Discourse has moderator privilege escalation via arbitrary post_id in suspend/silence endpoint

Discourse is an open-source discussion platform. Versions prior to 2026.3.0, 2026.2.1, and 2026.1.2 allow a moderator to edit site policy documents ToS, guidelines, privacy policy that they are explicitly prohibited from modifying. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contain a patch. No kno...

5.5CVSS5.8AI score0.00213EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 2:55 a.m.6 views

CVE-2026-30888 Discourse has moderator privilege escalation via arbitrary post_id in suspend/silence endpoint

Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 allow a moderator to edit site policy documents ToS, guidelines, privacy policy that they are explicitly prohibited from modifying. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 conta...

2.2CVSS5.7AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.5 views

CVE-2026-3675

A vulnerability was determined in Freedom Factory dGEN1 up to 20260221. Affected by this issue is the function FakeAppReceiver of the component org.ethosmobile.ethoslauncher. Executing a manipulation can lead to improper authorization. The attack needs to be launched locally. The exploit has been...

5.3CVSS5.4AI score0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/26 11:32 p.m.6 views

CVE-2026-3269 psi-probe PSI Probe Session ExpireSessionsController.java handleRequestInternal denial of service

A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...

5.3CVSS5.5AI score0.00561EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/08 1:2 a.m.8 views

EUVD-2026-5825

A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

6.5CVSS6.3AI score0.00267EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/22 1:2 p.m.5 views

CVE-2026-1325 Sangfor Operation and Maintenance Security Management System edit_pwd_mall password recovery

A security flaw has been discovered in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function editpwdmall of the file /fort/login/editpwdmall. The manipulation of the argument flag results in weak password recovery. It is possible to launch the attack...

6.9CVSS5.3AI score0.00523EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38078)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38078 advisory. - In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at...

4.7CVSS7.1AI score0.00118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tracing: Silence warning when chunk allocation fails in tracepidwrite Syzkaller trigger a fault injection warning: WARNING: CPU: 1 PID: 12326 at tracepointaddfunc+0xbfc/0xeb0 Modules linked in: CPU: 1 UID: 0 PID: 12326 Comm:...

5.5CVSS6.5AI score0.00154EPSS
Exploits0References3
OSV
OSV
added 2026/01/11 5:15 a.m.4 views

CVE-2026-0837

A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor...

8.8CVSS6.4AI score0.03409EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/30 3:30 p.m.3 views

EUVD-2023-60394

In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btftypeidsize syzbot reported a warning in 1 with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btftypeidsize+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... RIP:...

5.8AI score0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/30 12:15 p.m.25 views

CVE-2023-54247 bpf: Silence a warning in btf_type_id_size()

In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btftypeidsize syzbot reported a warning in 1 with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btftypeidsize+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... RIP:...

0.00166EPSS
Exploits0References3
Rows per page
Query Builder