Lucene search
K

22070 matches found

Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52585

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A critical extension bypass exists in the ParseCRL Extensions function. The issue occurs when critical extensions in a Certificate Revocation List CRL—a list of...

5.3CVSS5.8AI score0.0018EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52572

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where an un-negotiated Raw Public Key RPK, as defined in RFC 7250, is accepted instead of an X.509 certificate, allowing the bypass of chain...

8.2CVSS5.7AI score0.00145EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.20 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fixed an issue with the irq assumption regression. The code in bmc150-accel-core.c unconditionally calls bmc150accelsetinterrupt in the iiobuffersetupops. This occurs, for example, during the runtime PM resume...

5.9AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: removed WARNONONCE when accessing the forward path array. Although unlikely, recent support for IPIP tunnels increases the chances of encountering this WARNONONCE if the user space manages to create a sufficiently long forwa...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

6.5CVSS5.8AI score0.00361EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 1:16 p.m.9 views

CVE-2026-12242

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

8.8CVSS0.00467EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 12:33 p.m.23 views

CVE-2026-12242

CVE-2026-12242 affects the WordPress AdRotate Banner Manager plugin up to version 5.17.7. The vulnerability is PHP Code Injection via the banner attribute of the adrotate shortcode, caused by insufficient validation and sanitization before concatenation into a PHP code string wrapped in W3 Total ...

8.8CVSS6.2AI score0.00467EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52916

In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once all fragments are collected and the packet is reassembled,...

5.5CVSS5.6AI score0.00177EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Oracle Linux 9 : cockpit (ELSA-2026-21468)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-21468 advisory. 356.2-1.0.1 - Apply the patch for duplicate reference Orabug: 39250109 - Storage: Enable btrfs support Orabug: 37464632 - Replaced upstream urls in documentati...

8CVSS7.7AI score0.01016EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 4:20 p.m.3 views

OPENSUSE-SU-2026:21155-1 Security update for hamlib

This update for hamlib fixes the following issues: Changes in hamlib: - Update to 4.7.2: Fix IC-7600/IC-7610 clock commands Icom: Add CWR to modes eligible for DSP filtering Kenwood: New model Hamgeek uSGX Various fixes for Skywatcher, DX-SR8, FT-710, FTX-1, IC-705, X6100 rigctld: Fix sendraw sta...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/23 1:27 p.m.2 views

SUSE-SU-2026:2584-1 Security update for exiv2

This update for exiv2 fixes the following issues - CVE-2021-34334: DoS due to integer overflow in loop counter bsc1189338. - CVE-2026-25884: out-of-bounds read in CrwMap: decode0x0805 bsc1259083. - CVE-2026-27596: integer overflow in LoaderNative: getData leads to out-of-bounds read bsc1259084. -...

8.1CVSS6.6AI score0.01104EPSS
Exploits1References9
OSV
OSV
added 2026/06/23 1:7 p.m.4 views

OPENSUSE-SU-2026:21154-1 Security update for ofono

This update for ofono fixes the following issues: Changes in ofono: - Reference the tracking bugs for the SMS/STK/USSD decoder security fixes applied upstream across the 2.14-2.17 updates: SMS decoder stack buffer overflows: CVE-2023-2794 boo1218292, CVE-2023-4232 boo1218293, CVE-2023-4233...

8.1CVSS6.8AI score0.0124EPSS
Exploits4References32
OSV
OSV
added 2026/06/23 12:46 p.m.2 views

OPENSUSE-SU-2026:21038-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References16
CVE
CVE
added 2026/06/23 12:13 p.m.21 views

CVE-2026-56315

CVE-2026-56315 affects the Python tool picklescan until version 1.0.4, which fails to block imports from at least seven standard library modules (e.g., uuid, _osx_support, _aix_support, _pyrepl.pager, imaplib). This allows adversaries to craft pickle files that import these unblocked modules to t...

9.8CVSS6.7AI score0.00757EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 9:37 a.m.4 views

OPENSUSE-SU-2026:21151-1 Security update for warewulf4

This update for warewulf4 fixes the following issues: Changes in warewulf4: - updated go-jose to fix CVE-2026-34986 bsc1262810 - chi is fixed in the upstream project - updating to v4.7.0 with following security fixes fixed CVE-2026-39821 bsc1266483 fixed CVE-2026-33814 bsc1265653 - v4.7.0 with...

9.6CVSS6.7AI score0.00781EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/23 7:44 a.m.4 views

CVE-2026-44170

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

9.9CVSS6.1AI score0.00797EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/23 12:0 a.m.4 views

Security update for hamlib (important)

openSUSE Security Update: Security update for hamlib Announcement ID: openSUSE-SU-2026:0212-1 Rating: important References: 1268628 1268629 Cross-References: CVE-2026-54634 Affected Products: openSUSE Backports SLE-15-SP7 An update that solves one vulnerability and has one errata is now available...

6.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 7:56 p.m.6 views

Moderate: Red Hat Security Advisory: crun security update

An update for crun is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

7.8CVSS5.9AI score0.00159EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/22 1:54 p.m.7 views

CVE-2026-47210

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. This sandbox escape vulnerability allows an attacker to execute arbitrary code in the host process. This occurs when untrusted code is executed with asynchronous async support on runtimes that expose WebAssembly...

9.8CVSS6.1AI score0.00507EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 5:55 a.m.13 views

Important: Red Hat Security Advisory: postgresql16 security update

An update for postgresql16 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
Rows per page
Query Builder