5485 matches found
CVE-2026-31560
In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...
CVE-2026-5347
The HM Books Gallery WordPress plugin is affected up to version 4.8.0 by Missing Authorization to unauthenticated settings updates. The vulnerability resides in the admin_init hook that processes permalink settings updates (lines around 205–209 in wp-books-gallery.php), where the code only checks...
CVE-2026-5347 WP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' Parameter
The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...
PT-2026-34854
The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin_init hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...
PT-2026-35023
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An information leak exists in the build_report function within xfrm_user. The struct xfrm_user_report contains a u8 proto field followed by a struct xfrm_selector, resulting in three byt...
EUVD-2026-24776
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smb_grant_oplock() smb_grant_oplock() has two issues in the oplock publication sequence: 1) opinfo is linked into ci->m_op_list (via opinfo_add) before add_lease_global_list() is called. If...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013789 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011273)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011273 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007052)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007052 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: prevent kernel-infoleak syzbot found that tcf_skbmod_dump() was copying four...
DNG File Fuzzer for Robustness
This Python script is a mutation-based fuzzing tool designed to test the robustness of DNG (Digital Negative) / TIFF-based file parsers by generating large numbers of corrupted or semi-valid image files. It works by starting from a minimal valid DNG structure, then applying random mutations to...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013025)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013025 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak Fix a KMSAN...
XiangShan Security Vulnerability
XiangShan is an open-source high-performance RISC-V processor project developed by XiangShan in China. There is a security vulnerability in XiangShan, which stems from specially crafted read and write operations on the menvcfg structure, potentially causing the WPRI bit to be set unexpectedly,...
ROS-20260420-73-0035
Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260420-73-0037
Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260420-73-0034
Vulnerability in mediawiki due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260417-73-0034
Vulnerability in zabbix7-lts related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20260417-73-0036
Vulnerability in zabbix7.4 related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20260417-73-0009
Vulnerability in glpi-plugin-mreporting related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
ROS-20260417-73-0047
Vulnerability in glpi related to failure to take measures to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260417-73-0027
Vulnerability in rubygem-rack related to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...