Lucene search
K

1254 matches found

Nuclei
Nuclei
added 12 hours ago145 views

Stash < 0.26.0 - SQL Injection

Stash up to v0.25.1 was discovered to contain a SQL injection vulnerability via the sort parameter. id: CVE-2024-32231 info: name: Stash Stash" tags: cve,cve2024,stash,sqli,vuln http: - raw: - | POST /graphql HTTP/1.1 Host: Hostname Content-type: application/json...

6.3CVSS6.1AI score0.0117EPSS
Exploits0References5
EUVD
EUVD
added 4 days ago6 views

EUVD-2025-210453

HestiaCP before 1.9.5 contains a stored cross-site scripting vulnerability that allows authenticated low-privilege users to inject arbitrary HTML by creating a DNS record with a double-quote followed by a script payload in the value field. The application fails to apply htmlspecialchars encoding ...

5.1CVSS6.2AI score0.00181EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2026/07/05 12:5 p.m.8 views

coreutils security update

An update is available for coreutils. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The coreutils packages contain the GNU Core Utilities and represent a...

4.4CVSS6AI score0.00224EPSS
Exploits0
OSV
OSV
added 2026/07/05 12:5 p.m.5 views

RLSA-2026:33124 Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongl...

6.4AI score0.00166EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 7:42 p.m.7 views

CVE-2026-53335

A flaw was found in the Linux kernel. The DAMONLRUSORT component, responsible for memory management, does not properly handle allocation failures of the damonctx object. This can lead to a NULL pointer dereference when damoncommitctx is called with a NULL ctx pointer, potentially causing a system...

5.8AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 6:16 p.m.9 views

CVE-2026-51946

SQL Injection vulnerability in GoAdminGroup GoAdmin last release v1.2.26 allows a remote attacker to execute arbitrary code and obtain sensitive information via the the sorttype URL parameter on all /admin/info/table endpoints...

6.5CVSS0.00336EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 2:16 p.m.5 views

CVE-2026-53335

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53334

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53335

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

6.2AI score0.00166EPSS
Exploits0References6
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53334

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40969

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

6.2AI score0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.9 views

CVE-2026-53335

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

6.2AI score0.00166EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 1:32 p.m.7 views

EUVD-2026-40968

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 1:32 p.m.20 views

CVE-2026-53334

The CVE-2026-53334 entry concerns the Linux kernel’s DAMON subsystem (mm/damon/reclaim). Concrete details show that if damon_ctx allocations fail, code paths may dereference a NULL ctx pointer in the reclaim path, leading to a NULL dereference. The fix patches the init flow so that damon_reclaim_...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 1:32 p.m.26 views

CVE-2026-53335

The CVE-2026-53335 issue affects the Linux kernel component mm/damon/lru_sort. It arises when damon_lru_sort_enabled_store() allocates a damon_ctx object and does not handle a failed allocation; if ctx is NULL, code can reach damon_commit_ctx() and dereference the NULL pointer. The documented fix...

6.2AI score0.00166EPSS
Exploits0References3
Fedora
Fedora
added 2026/07/01 1:22 a.m.12 views

[SECURITY] Fedora 43 Update: vmod-querystring-2.0.3-11.fc43

The purpose of this module is to give you a fine-grained control over a URL's query-string in Varnish Cache. It's possible to remove the query-string, clean it, sort its parameters or filter it to only keep a subset of them. This can greatly improve your hit ratio and efficiency with Varnish,...

5.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/01 12:0 a.m.5 views

CVE-2026-51946

SQL Injection vulnerability in GoAdminGroup GoAdmin last release v1.2.26 allows a remote attacker to execute arbitrary code and obtain sensitive information via the the sorttype URL parameter on all /admin/info/table endpoints...

6.5CVSS6.2AI score0.00336EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 12:0 a.m.10 views

CVE-2026-51946

CVE-2026-51946 describes a SQL injection vulnerability in the GoAdminGroup GoAdmin project (GoAdmin) affecting the last release, v1.2.26. The issue, exploitable via the __sort_type URL parameter on all /admin/info/{table} endpoints, could allow a remote attacker to execute arbitrary code and disc...

6.5CVSS6.2AI score0.00336EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 5:21 p.m.16 views

CVE-2026-57954

Vulnerability summary (CVE-2026-57954) Elide 7.1.17 has a flaw in SortingImpl.getValidSortingRules where @ReadPermission is not enforced on client-supplied sort expressions. This allows attackers to sort collections by forbidden fields and infer hidden field values via row ordering analysis, leak...

5.3CVSS5.8AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder