Lucene search
K

12769 matches found

CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

likeadmin 注入漏洞

likeadmin is a general-purpose management backend development framework created by likeadmin’s individual developer. Versions of likeadmin 1.9.6 and earlier have a vulnerability related to injection attacks. This vulnerability stems from improper handling of the queryResult function in the...

5.8CVSS5.9AI score0.00253EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.4 views

PT-2026-35422

Name of the Vulnerable Software and Affected Versions plug cowboy versions 2.0.0 through 2.8.0 Description An unauthenticated remote attacker can cause a denial of service via atom table exhaustion. In HTTP/2 connections, the Plug.Cowboy.Conn.conn/1 function in lib/plug/cowboy/conn.ex calls...

8.7CVSS5.8AI score0.00545EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35492

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the Linux kernel's KASAN Kernel Address Sanitizer component. The kasan free pxd function incorrectly assumes that the page table is always aligned with stru...

9.8CVSS5.2AI score0.00525EPSS
Exploits0References324
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/26 5:45 p.m.7 views

Malicious code in @clearpool/table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79bdf65c3193663ec05f4281e94765c2106a6a5ce8bd9860a4cfcbaab419f0c9 The package @clearpool/table was found to contain malicious code. Source: ghsa-malware 34f072d9880102a7b4495043aa1155a43587246ae13f1974b107df2bbe4760...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/26 5:45 p.m.5 views

MAL-2026-3058 Malicious code in @clearpool/table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79bdf65c3193663ec05f4281e94765c2106a6a5ce8bd9860a4cfcbaab419f0c9 The package @clearpool/table was found to contain malicious code. Source: ghsa-malware 34f072d9880102a7b4495043aa1155a43587246ae13f1974b107df2bbe4760...

5.8AI score
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:3 a.m.8 views

media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections

...

5.5CVSS5.8AI score0.00125EPSS
Exploits0
OSV
OSV
added 2026/04/25 8:48 a.m.12 views

CLSA-2026-1776937700 mysql: Fix of CVE-2019-2627

CVE-2019-2627: fix crash when mysql.user table has missing password column...

4.9CVSS6.9AI score0.0301EPSS
Exploits0References1
CloudLinux
CloudLinux
added 2026/04/25 8:45 a.m.10 views

sqlite: Fix of CVE-2018-8740

CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...

7.5CVSS6.2AI score0.08186EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/25 1:36 a.m.5 views

SUSE CVE-2026-31659

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

9.8CVSS5.6AI score0.00399EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/25 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RX hash table extraction in afalg without limiting the receive buffer budget. This could lead to...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/24 10:19 p.m.4 views

CVE-2026-31659

A flaw was found in the batman-adv component of the Linux kernel. A remote attacker can exploit this vulnerability by sending a specially crafted oversized global Topology Table TT response. This causes an integer overflow during memory allocation, leading to a heap overflow and memory corruption...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/24 8:52 p.m.3 views

CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

9.9CVSS5.8AI score0.00264EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/24 8:43 p.m.6 views

Cross-site Scripting (XSS)

Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Cross-site Scripting XSS through the HTML output rendering paths in the output formatter. An attacker can inject arbitrary markup or...

5.1CVSS5.3AI score0.00174EPSS
Exploits0References2
OSV
OSV
added 2026/04/24 5:34 p.m.10 views

CLSA-2026-1777052042 sqlite: Fix of CVE-2018-8740

CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...

7.5CVSS6.7AI score0.08186EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 5:25 p.m.7 views

CLSA-2026-1777051545 zsh: Fix of 3 CVEs

CVE-2018-1071: check bounds when copying path in hashcmd - CVE-2018-7549: avoid crash copying empty hash table - CVE-2018-13259: fix shebang line truncation in zexecve...

9.8CVSS6.8AI score0.02723EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/24 4:39 p.m.12 views

TYPO3 CMS Stores Cleartext Password in User Settings Module

Problem The backend user settings module SetupModuleController incorrectly conflates entity data like passwords or email address with user-interface settings like theme, display options when persisting changes. As a result, passwords were stored in cleartext in the uc and usersettings fields of t...

7.5CVSS5.5AI score0.00167EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31659

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

9.8CVSS0.00399EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31659

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

9.8CVSS5.4AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31600

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as invalid. This is done for secretmem, kfence, realm dma memory un/share, and others, by simply clearing...

7.5CVSS5.4AI score0.0029EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:45 p.m.6 views

CVE-2026-31659

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

5.5AI score0.00399EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder