5485 matches found

UbuntuCve
added 2026/04/24 3:16 p.m. | 6 views

CVE-2026-31560

In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...

CVSS 5.5 | AI score 5.5 | EPSS 0.00122
Exploits: 0 | References: 4

CVE
added 2026/04/24 5:29 a.m. | 13 views

CVE-2026-5347

The HM Books Gallery WordPress plugin is affected up to version 4.8.0 by Missing Authorization to unauthenticated settings updates. The vulnerability resides in the admin_init hook that processes permalink settings updates (lines around 205–209 in wp-books-gallery.php), where the code only checks...

CVSS 5.3 | AI score 5.8 | EPSS 0.00323
Exploits: 0 | References: 6

Vulnrichment
added 2026/04/24 5:29 a.m. | 2 views

CVE-2026-5347 WP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' Parameter

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...

CVSS 5.3 | AI score 5.4 | EPSS 0.00323
Exploits: 0 | References: 6

Positive Technologies
added 2026/04/24 12:0 a.m. | 9 views

PT-2026-34854

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...

CVSS 5.3 | AI score 5.8 | EPSS 0.00323
Exploits: 0 | References: 8

Positive Technologies
added 2026/04/24 12:0 a.m. | 7 views

PT-2026-35023

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An information leak exists in the build_report function within xfrm_user. The struct xfrm_user_report contains a u8 proto field followed by a struct xfrm_selector, resulting in three byt...

CVSS 9.8 | AI score 5.5 | EPSS 0.005
Exploits: 4 | References: 388

EUVD
added 2026/04/22 3:31 p.m. | 4 views

EUVD-2026-24776

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smb_grant_oplock. smb_grant_oplock has two issues in the oplock publication sequence: 1) opinfo is linked into ci->m_op_list via opinfo_add before add_lease_global_list is called. If...

AI score 5.7 | EPSS 0.0045
Exploits: 0 | References: 6

Tenable Nessus
added 2026/04/22 12:0 a.m. | 4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013789 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase...

AI score 5.5 | EPSS 0.00191
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/21 12:0 a.m. | 6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011273 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage. thread_struct's s[12] may contain random kernel memory...

CVSS 7.1 | AI score 5.8 | EPSS 0.0017
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/21 12:0 a.m. | 5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007052 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak. syzbot found that tcf_skbmod_dump was copying four...

CVSS 5.5 | AI score 6.4 | EPSS 0.00232
Exploits: 0 | References: 4

Packet Storm News
added 2026/04/21 12:0 a.m. | 11 views

DNG File Fuzzer for Robustness

This Python script is a mutation-based fuzzing tool designed to test the robustness of DNG (Digital Negative) / TIFF-based file parsers by generating large numbers of corrupted or semi-valid image files. It works by starting from a minimal valid DNG structure, then applying random mutations to...

AI score 5.7
Exploits: 0

Tenable Nessus
added 2026/04/21 12:0 a.m. | 4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013025 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak. Fix a KMSAN...

AI score 5.6 | EPSS 0.00199
Exploits: 0 | References: 4

CNNVD
added 2026/04/20 12:0 a.m. | 8 views

XiangShan Security Vulnerability

XiangShan is an open-source high-performance RISC-V processor project developed by XiangShan in China. There is a security vulnerability in XiangShan, which stems from specially crafted read and write operations on the menvcfg structure, potentially causing the WPRI bit to be set unexpectedly,...

CVSS 7.8 | AI score 5.8 | EPSS 0.00112
Exploits: 0 | References: 2

Redos
added 2026/04/20 12:0 a.m. | 8 views

ROS-20260420-73-0035

Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 4.8 | AI score 6.2 | EPSS 0.00233
Exploits: 0

Redos
added 2026/04/20 12:0 a.m. | 5 views

ROS-20260420-73-0037

Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 4.8 | AI score 6.2 | EPSS 0.00218
Exploits: 0

Redos
added 2026/04/20 12:0 a.m. | 4 views

ROS-20260420-73-0034

Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 4.8 | AI score 6.2 | EPSS 0.00219
Exploits: 0

Redos
added 2026/04/17 12:0 a.m. | 5 views

ROS-20260417-73-0034

Vulnerability in zabbix7-lts related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 8.7 | AI score 6.1 | EPSS 0.0024
Exploits: 0

Redos
added 2026/04/17 12:0 a.m. | 6 views

ROS-20260417-73-0036

Vulnerability in zabbix7.4 related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 8.7 | AI score 6.2 | EPSS 0.0024
Exploits: 0

Redos
added 2026/04/17 12:0 a.m. | 5 views

ROS-20260417-73-0009

Vulnerability in glpi-plugin-mreporting related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 6.5 | AI score 6.2 | EPSS 0.00242
Exploits: 0

Redos
added 2026/04/17 12:0 a.m. | 6 views

ROS-20260417-73-0047

Vulnerability in glpi related to failure to take measures to protect SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 9.8 | AI score 6.2 | EPSS 0.08741
Exploits: 0

Redos
added 2026/04/17 12:0 a.m. | 4 views

ROS-20260417-73-0027

Vulnerability in rubygem-rack related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 5.4 | AI score 6.8 | EPSS 0.00224
Exploits: 1