Lucene search
K

396 matches found

CVE
CVE
added yesterday7 views

CVE-2026-53364

The CVE-2026-53364 entry concerns the Linux kernel Bluetooth HCI subsystem. A memory leak in hci_le_big_terminate() occurs when iso_list_data allocated via kzalloc_obj is not freed on an early return path after evaluating PA/BIG sync state (neither pa_sync_term nor big_sync_term flags set). This ...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-360 Session Fixation in ipsilon

A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active...

9.1CVSS5.7AI score0.02119EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : nghttp2 (EulerOS-SA-2026-2494)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...

7.5CVSS7.1AI score0.00775EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 4:16 p.m.10 views

CVE-2026-0828

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...

7.5CVSS0.00461EPSS
Exploits2References2
CVE
CVE
added 2026/06/26 3:47 p.m.95 views

CVE-2026-0828

CVE-2026-0828 affects Safetica’s endpoint client x64, specifically the kernel driver ProcessMonitorDriver.sys (versions 10.5.75.0 and 11.11.4.0). The vulnerability stems from an IOCTL path that lacks proper caller privilege validation, allowing an unprivileged user with a handle to the device to ...

7.5CVSS6.1AI score0.00461EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/06/26 3:47 p.m.40 views

CVE-2026-0828 Kernel driver vulnerability in Safetica Endpoint Client

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...

0.00461EPSS
Exploits2References1
Veracode
Veracode
added 2026/06/16 7:10 p.m.9 views

Denial Of Service (DoS)

Netty is vulnerable to Denial of Service DoS. The vulnerability is due to exposure of QUIC stateless reset tokens through connection ID generation, which allows an on-path attacker to derive the token and send spoofed Stateless Reset packets to terminate active connections...

4.8CVSS5.2AI score0.00204EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.17 views

BoxLite 安全漏洞

BoxLite is an open-source embedded microvirtual machine runtime developed by BoxLite. It provides hardware-isolated secure sandboxes for AI agents and code execution scenarios. Versions of BoxLite 0.8.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from using a...

6.5CVSS5.9AI score0.00268EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2256)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...

7.5CVSS6.9AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2026-2082)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2026-2107)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

7.5CVSS5.6AI score0.00775EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.12 views

CVE-2025-70795

STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...

5.5CVSS5.5AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-40136

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

4.3CVSS5.4AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS5.6AI score0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 1:16 p.m.28 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 10:40 a.m.12 views

EUVD-2026-34077

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 10:40 a.m.41 views

CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:40 a.m.14 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.20 views

PT-2026-45922

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes. This is caused by insufficient validation of user-supplied...

8.1CVSS6.1AI score0.0037EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/05/27 3:29 p.m.108 views

Exploit for CVE-2026-0828

CVE-2026-0828 — Safetica ProcessMonitorDriver.sys BYOVD PoC S...

6.2AI score0.00461EPSS
Exploits2
Rows per page
Query Builder