Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

137 matches found

RedhatCVE
RedhatCVEadded yesterday3 views

CVE-2026-46841

Vulnerability in Oracle REST Data Services component: General. Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle REST Data Services. Successful attacks of this vulnerability c...

5.3CVSS5.4AI score0.00033EPSS
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: The incorrect check in updateparentsubpartscpumask has been fixed. It was discovered that the check to determine whether a partition can use all the CPUs from the parent cpuset in updateparentsubpartscpumask was...

5.5CVSS5.9AI score0.00103EPSS
Exploits0References2
ICS
ICSadded 2026/05/12 12:0 a.m.11 views

Siemens SIPROTEC 5

SUMMARY The SIPROTEC 5 devices do not use sufficiently random numbers to generate session identifiers. This could facilitate a brute-force attack against a valid session identifier which could allow an unauthenticated remote attacker to hijack a valid user session. The affected session...

6.9CVSS7.2AI score0.00038EPSS
Exploits0References10
RedhatCVE
RedhatCVEadded 2026/05/08 7:33 p.m.8 views

CVE-2026-43343

A flaw was found in the usb: gadget: fsubset module of the Linux kernel. The gethfree function fails to decrement a reference count that was incremented by gethalloc. This unbalanced reference count can lead to a resource leak, preventing the configuration of attributes through the configfs...

5.5CVSS5.7AI score0.00013EPSS
Exploits0References4
NVD
NVDadded 2026/05/08 2:16 p.m.4 views

CVE-2026-43343

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...

5.5CVSS0.00013EPSS
Exploits0References8
UbuntuCve
UbuntuCveadded 2026/05/08 2:16 p.m.3 views

CVE-2026-43343

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...

5.5CVSS5.7AI score0.00013EPSS
Exploits0References10
Debian CVE
Debian CVEadded 2026/05/08 1:37 p.m.4 views

CVE-2026-43343

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...

5.5CVSS5.7AI score0.00013EPSS
Exploits0
CVE
CVEadded 2026/05/08 1:37 p.m.8 views

CVE-2026-43343

CVE-2026-43343 affects the Linux kernel USB gadget f_subset code. The vulnerability stems from an unbalanced reference count: geth_alloc() increments the refcount, but geth_free() does not decrement it, which can block configuration of attributes via configfs after unlinking the function. The con...

5.5CVSS5.8AI score0.00013EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/05/07 3:47 a.m.34 views

CVE-2026-41674 xmldom: XML injection through unvalidated DocumentType serialization

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...

8.7CVSS0.0002EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/05/07 12:0 a.m.6 views

CVE-2026-41674

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...

8.7CVSS5.9AI score0.0002EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/05/01 8:53 p.m.2 views

CVE-2026-31723

A flaw was found in the Linux kernel's usb: gadget: fsubset component. This vulnerability arises from an issue in how network device resources are managed during the unbinding of a USB gadget function. When the parent device is destroyed, the associated network device may persist, creating...

5.5CVSS5.8AI score0.00015EPSS
Exploits0References4
CVE
CVEadded 2026/05/01 2:14 p.m.5 views

CVE-2026-31723

The CVE-2026-31723 issue affects the Linux kernel’s usb: gadget: f_subset component, where net_device resources are allocated during function instance creation and registered under the gadget device. On unbind, the parent device can be destroyed while the net_device remains, creating dangling sys...

5.5CVSS5.8AI score0.00015EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVEadded 2026/05/01 2:14 p.m.3 views

CVE-2026-31723

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds...

5.5CVSS5.7AI score0.00015EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2026/04/30 2:29 a.m.2 views

SUSE CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS4.1AI score0.00018EPSS
Exploits1References3
NVD
NVDadded 2026/04/28 7:16 a.m.4 views

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS0.00018EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2026/04/28 6:0 a.m.3 views

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

4.8CVSS4.2AI score0.00018EPSS
Exploits1References6
EUVD
EUVDadded 2026/04/28 6:0 a.m.4 views

EUVD-2026-26000

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

4.8CVSS5AI score0.00018EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/04/28 6:0 a.m.28 views

CVE-2026-7233 Artifex MuPDF CFF Index subset-cff.c fz_subset_cff_for_gids out-of-bounds

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

4.8CVSS0.00018EPSS
Exploits1References6
CVE
CVEadded 2026/04/28 6:0 a.m.12 views

CVE-2026-7233

Technical details about CVE-2026-7233 are not publicly available in the provided documents; monitor for updates.

6.1CVSS4.4AI score0.00018EPSS
Exploits1References6Affected Software1
AlpineLinux
AlpineLinuxadded 2026/04/28 6:0 a.m.4 views

CVE-2026-7233

A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fzsubsetcffforgids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly...

6.1CVSS4.1AI score0.00018EPSS
Exploits1References6
Rows per page
Query Builder