Lucene search
K

1665 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.16 views

PT-2026-42455

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the accel/ivpu component allows the re-exporting of imported GEM Graphics Execution Manager objects. This occurs because the system fails to verify if a buffer is imported...

7.8CVSS6AI score0.00113EPSS
Exploits0References25
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP The ptpclocksettime function assumes that every ptpclock has implemented settime64. By using -EOPNOTSUPP as a stub, we prevent a NULL derefrence from occurring. This fix is similar to th...

5.8AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gve: Implement gettimex64 with -EOPNOTSUPP. At this time, gve has implemented a ptpclock that exclusively uses doAuxWork. ptpClockgettime and ptpSysoffset assume that every ptpclock has implemented either gettimex64 or...

5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrackinsn The verifier skips invalid kfunc calls in checkkfunccall. Such calls would be caught by fixupkfunccall if they aren’t eliminated through dead code elimination. However, this can lead ...

5.5CVSS5.3AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: do not emit a WARN when controlling PF is unavailable. In VFIO passthrough setups, it is possible to only pass through a PF that does not own the source timer. In such cases, the PTP controlling PF adapter-ctrlpf is nev...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: No longer allows guest users on multi-channel connections. This patch returns STATUSNOTSUPPORTED if the binding session is a guest session...

5.5CVSS5.8AI score0.00151EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: added the missing negotiatefeatures operation to the Hyper-V ops table. The commit a7075f501bd3 “ixgbevf: fixed mailbox API compatibility by negotiating supported features” added the.negotiatefeatures callback to...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0, prior to versions 5.0.7 and 4.2, prior to version 4.2.14. The getsupportedlanguagevariant function was susceptible to a denial-of-service attack when used with very long strings containing specific characters...

7.5CVSS6.8AI score0.28637EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisory
added 2026/05/20 12:0 a.m.6 views

FreeBSD-SA-26:18.setcred

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:18.setcred Security Advisory The FreeBSD Project Topic: Stack buffer overflow via setcred2 Category: core Module: setcred Announced: 2026-05-20 Credits: Ryan...

7.8CVSS6.4AI score0.00409EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/05/19 12:31 p.m.10 views

Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References4Affected Software3
NVD
NVD
added 2026/05/17 5:16 a.m.27 views

CVE-2026-8733

A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and...

7.5CVSS0.00261EPSS
Exploits0References4
OSV
OSV
added 2026/05/16 6:17 a.m.17 views

MGASA-2026-0143 Updated golang packages fix security vulnerabilities

We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details...

9.8CVSS5.8AI score0.00728EPSS
Exploits0References3
Mageia
Mageia
added 2026/05/16 6:17 a.m.14 views

Updated golang packages fix security vulnerabilities

We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details...

9.8CVSS7.4AI score0.00728EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.60 views

Joern 4.0.539

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.20 views

PT-2026-41125

Name of the Vulnerable Software and Affected Versions eMagicOne Store Manager versions prior to 1.3.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data...

9.3CVSS5.9AI score0.00372EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/12 3:30 a.m.14 views

SUSE CVE-2026-43346

In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF which doesn't own the source timer. In that case the PTP controlling PF adapter-ctrlpf is never...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/11 12:32 p.m.35 views

EUVD-2026-29049

ATutor is vulnerable to Reflected XSS in /install/install.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS6AI score0.00391EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 10:16 a.m.16 views

CVE-2026-6909

ATutor is vulnerable to Reflected XSS in /install/upgrade.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS0.00391EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/11 9:40 a.m.7 views

CVE-2026-6909 Reflected XSS in ATutor

ATutor is vulnerable to Reflected XSS in /install/upgrade.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS6AI score0.00391EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 3:31 p.m.9 views

EUVD-2026-28737

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

5.7AI score0.00107EPSS
Exploits0References3
Rows per page
Query Builder