Lucene search
K

3105 matches found

OSV
OSV
added 2026/05/27 2:16 p.m.6 views

UBUNTU-CVE-2026-45857

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

5.7CVSS5.7AI score0.00156EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.47 views

CVE-2026-45929 ovpn: fix possible use-after-free in ovpn_net_xmit

In the Linux kernel, the following vulnerability has been resolved: ovpn: fix possible use-after-free in ovpnnetxmit When building the skblist in ovpnnetxmit, skbsharecheck will free the original skb if it is shared. The current implementation continues to use the stale skb pointer for subsequent...

7.8CVSS0.00157EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 5:31 a.m.25 views

CVE-2026-9014

The CVE describes a vulnerability in the WordPress WP Promoter plugin (versions

5.3CVSS5.8AI score0.00268EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43537

The GoStats for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the gostats manage function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS5.7AI score0.0014EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

WordPress plugin WP Promoter 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References3
OSV
OSV
added 2026/05/21 8:39 p.m.6 views

USN-8294-1 postgresql-14, postgresql-16, postgresql-17, postgresql-18 vulnerabilities

It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. CVE-2026-6472 It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...

8.8CVSS6.3AI score0.00668EPSS
Exploits0References12
Ubuntu
Ubuntu
added 2026/05/21 8:39 p.m.14 views

USN-8294-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. CVE-2026-6472 It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker...

8.8CVSS6.3AI score0.00668EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/21 2:47 a.m.22 views

SUSE CVE-2024-0397

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

4.8CVSS6.8AI score0.00804EPSS
Exploits0References22
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 3:8 p.m.12 views

Malicious code in @nutui/nutui-react-taro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71ad42f4bfd953311c2d69f622cc6e8d5193a8852ac0bbc9ea0781ac6b651390 The package's postinstall.js invokes execSync'npm-usage-stats disable' and execSync'npm-usage-stats', stdio: 'inherit' . The npm-usage-stats bin is...

6.4AI score
Exploits0References1
OSV
OSV
added 2026/05/20 3:8 p.m.13 views

MAL-2026-4409 Malicious code in @nutui/nutui-react-taro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71ad42f4bfd953311c2d69f622cc6e8d5193a8852ac0bbc9ea0781ac6b651390 The package's postinstall.js invokes execSync'npm-usage-stats disable' and execSync'npm-usage-stats', stdio: 'inherit' . The npm-usage-stats bin is...

6.4AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: hinic: Avoid kernel hangs in hinicgetstats64 When using the hinic device as a bonding slave device and reading statistics from the master bonding device, the kernel may hang. The kernel panic call trace is as follows: Kernel...

5.5CVSS5.9AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – A memory leak occurred due to multiple rxstats allocations. rxstats for each arsta is allocated when a station is added. arsta-rxstats will be freed when a station is removed. Redundant allocations occur when the...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed a potential Use-after-Allocation UAF in cifsstatsprocwrite. Skipped sessions that are being terminated status == SESEXITING to avoid UAF...

7.8CVSS5.5AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k – Fixed a memory leak in the WMI firmware stats. The memory allocated for firmware pdev, vdev, and beacon statistics is not released during the rmmod process. This issue was fixed by calling the ath11kfwstatsfree...

5.5CVSS5.8AI score0.00135EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...

9.1CVSS5.9AI score0.00442EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: move the initialization of the replycachestats counters back to nfsdinitnet. The commit f5f9d4a314da “nfsd: move the reply cache initialization into nfsd startup” moved the initialization of the reply cache into nfsd startu...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iptunnel: iptunnelxmitstats should be adapted to use NETDEVPCPUSTATDSTATS. The commits that caused this issue overlooked the fact that vxlan/geneve uses udptunnel6xmitskb, which calls iptunnelxmitstats. iptunnelxmitstats assumed...

8.2CVSS5.8AI score0.00299EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed a potential Use-after-Allocation UAF in cifsstatsprocshow. Skipped sessions that are being terminated status == SESEXITING to avoid UAF...

7.8CVSS5.8AI score0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the pg_restore_attribute_stats() function in the PostgreSQL database management system allows a hacker to disclose protected information.

The vulnerability of the pgrestoreattributestats function in the PostgreSQL database management system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by this function...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References6Affected Software3
Rows per page
Query Builder