Lucene search
K

5488 matches found

CVE
CVE
added 2 days ago7 views

CVE-2026-55793

Craft CMS versions 5.0.0-RC1–5.9.22 are affected by a stored XSS in a Structure entry title. An author-level control panel user can insert malicious JavaScript into an entry title. When a victim with saveEntries permission drags another entry under the poisoned one in table view, the payload exec...

5.9CVSS5.7AI score0.00412EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-55793 Craft CMS: Stored XSS via Structure entry title in table view

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under th...

5.9CVSS0.00412EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52696

Name of the Vulnerable Software and Affected Versions Apache Kerby versions prior to 2.1.2 Description Sending a deeply nested ASN1 Abstract Syntax Notation One, a standard interface for describing data structures structure to a client or service can trigger a StackOverFlow Exception, resulting i...

6.5CVSS5.8AI score0.00294EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.26 views

CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS0.00138EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38898

In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...

5.7AI score0.00166EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.0018EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: Initialize struct tcife to prevent kernel leaks. In tcfconnmarkdump, the variable ‘opt’ was partially initialized using a specified initializer. As a result, the padding bytes remained uninitialized. The...

5.9AI score0.00164EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: Avoid exposing kernel data to user space through struct iwpoint struct iwpoint contains a 32-bit field on 64-bit architectures. c struct iwpoint void user pointer; / Pointer to the data in user space / u16 length; / Number ...

3.3CVSS5.7AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 1:16 a.m.11 views

CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

4.9CVSS0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 4:24 p.m.30 views

CVE-2017-20272 Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id

Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sfselectuserid parameter. Attackers can send GET requests to index.php with the option=comupl and...

8.8CVSS0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race involving destroyworkonstack. The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: drm/meson: fixed the shutdown crash when the component is not probed. When the main component is not probed—for example, when the dw-hdmi module is not yet loaded or during a probe delay—the following crash occurs during shutdown...

5.5CVSS5.6AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas-hwptlist twice. The hwpt is only added to the hwptlist during its creation; it is never added again. This issue seems to be leftover from previous revisions. Adding an hwpt twice may...

5.2AI score0.00189EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpib: A use-after-free occurred in the IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...

7.8CVSS5.7AI score0.00131EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: locking/wwmutex/test: Fixed potential corruption of the workqueue. In some cases, when running with the test-wwmutex code, I observed odd behaviors where it seemed that flushworkqueue was returned before all work threads had...

7.8CVSS5.8AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actskbmod: prevent kernel-infoleak The syzbot discovered that tcfskbmoddump was copying four bytes from the kernel stack to user space 1. The issue here is that ‘struct tcskbmod’ has a four-byte hole. We need to cle...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in binutils

A flaw was discovered in Binutils. The thebfd field of the asymbol struct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...

5.5CVSS5.3AI score0.00384EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Process: Fix kernel information leakage The s12 element of the threadstruct may contain random kernel memory contents, which could potentially be leaked to the user space. This is a security flaw. To address this issue,...

7.1CVSS5.3AI score0.0017EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed a use-after-free bug related to the mm structure. Under certain conditions, such as MPIAbort, the hfi1 cleanup code may represent the last reference to the task’s mm structure. The hfi1mmurbunregister function...

7.8CVSS6.5AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Octeontx2-af: Added proper checks for fwdata. Firmware populates the MAC address, link modes supported, advertised, and EEPROM data in the shared firmware structure. Kernel access is allowed via the MAC block CGX/RPM. Accessin...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
Rows per page
Query Builder