Lucene search
K

1693 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Preventing memory corruption due to DMA mapping failures If msdcpreparedata fails to map the DMA region, the request is not prepared for data reception. However, msdcstartdata proceeds with the DMA operation using the...

7.8CVSS6.2AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

A stop condition for the iterator was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox versions less than 12...

5.9CVSS6.8AI score0.00218EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In usbnet, there was a flaw where unregisternetdev was called before -unbind. The commit with the commit ID 2c9d6c2b871d “usbnet: run unbind before unregisternetdev” was intended to fix a use-after-free issue when disconnecting U...

7.8CVSS6.2AI score0.00251EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: – In ext4, there’s a issue where the timer used after free is corrupted upon a failed mount. Syzbot has identified an ODEBUG bug in the ext4fillsuper function. The deltimersync function cancels the serrreport timer, which...

7.8CVSS6.3AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: kunit: Fixed the kthread reference issue. There is a race condition that occurs when a kthread completes its operation after the deadline but before the call to kthreadstop. This may lead to objects being used after they have bee...

7CVSS5.8AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: The napisynchronize function was removed from igbdown. When an AFXDP zero-copy application terminates abruptly e.g., using kill -9, the XSK buffer pool is destroyed, but NAPI polling continues. The igbcleanrxirqzc functio...

5.5CVSS5.6AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: iris’: Add a sanity check for stopping streaming.” This change is reflected in the commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. The check that previously skipped “stopstreaming” when the instance was in...

5.5CVSS5.9AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fixed the field masks for the GENERICCMD register for IPA v5.0+. The field masks have been adjusted to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably, this fixes a warning that ...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50829

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP affected versions not specified Description An Expected Behavior Violation allows a remote attacker to cause a denial-of-service DoS condition. By continuously...

8.7CVSS5.9AI score0.00367EPSS
Exploits0References7
NVD
NVD
added 2026/06/15 9:17 p.m.7 views

CVE-2026-48876

Unauthenticated Cross Site Scripting XSS in Stop Spammers = 2026.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.25 views

CVE-2026-48876 WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Stop Spammers = 2026.3 versions...

7.1CVSS0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.7 views

EUVD-2026-36853

Unauthenticated Cross Site Scripting XSS in Stop Spammers = 2026.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.21 views

CVE-2026-48876

CVE-2026-48876 is an unauthenticated XSS in the WordPress Stop Spammers plugin (versions

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49483

Unauthenticated Cross Site Scripting XSS in Stop Spammers = 2026.3 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.10 views

CVE-2026-41662

Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership contains this safety check, but the current code path bypasses...

5.2CVSS5.4AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5741

A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...

7.5CVSS6.8AI score0.01338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.9 views

CVE-2026-42276

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...

4.3CVSS5.4AI score0.00279EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39848

Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop= or...

6.5CVSS5.5AI score0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.9 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS5.5AI score0.0027EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46327

Unauthenticated Local File Inclusion in AirSupply = 2.0.0 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References2
Rows per page
Query Builder