Lucene search
K

6884 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in...

7.8CVSS5.5AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added last week3 views

EUVD-2026-38838

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...

5.7AI score0.00184EPSS
Exploits0References9
NVD
NVD
added last week10 views

CVE-2026-53092

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS0.00123EPSS
Exploits0References6
Cvelist
Cvelist
added last week30 views

CVE-2026-53092 bpf: Fix linked reg delta tracking when src_reg == dst_reg

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS0.00123EPSS
Exploits0References3
EUVD
EUVD
added last week4 views

EUVD-2026-38960

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

5.5AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52105

Name of the Vulnerable Software and Affected Versions Sentry versions 24.4.0 through 26.5.1 Description A Regular Expression Denial of Service ReDoS exists in the event ingestion pipeline. This occurs when a regular expression is applied to attacker-controlled fields on incoming events, allowing...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51986

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF Berkeley Packet Filter verifier regarding linked register delta tracking. When the source register src reg and destination register dst reg are pointers to the...

5.9AI score0.00123EPSS
Exploits0References5
NVD
NVD
added 2026/06/22 2:17 p.m.13 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:2 p.m.3 views

CVE-2026-56450

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 1:2 p.m.7 views

EUVD-2026-38239

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS5.9AI score0.0033EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 1:2 p.m.36 views

CVE-2026-56450 AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes

AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...

5.1CVSS0.0033EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.6 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.8AI score0.00096EPSS
Exploits0References5
NVD
NVD
added 2026/06/21 5:16 p.m.11 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 2026/06/21 9:16 a.m.12 views

CVE-2026-12789

A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of the component Learning Progress Tracking. Such manipulation of the argument trouptablenav leads t...

5.8CVSS0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/21 8:0 a.m.8 views

CVE-2026-12789

A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of the component Learning Progress Tracking. Such manipulation of the argument trouptablenav leads t...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/21 8:0 a.m.24 views

CVE-2026-12789

The CVE concerns ILIAS Learning Management System 11.0. The vulnerability affects the function ilTrQuery::executeQueries (file: components/ILIAS/Tracking/classes/class.ilTrQuery.php) in the Learning Progress Tracking component. The issue arises from manipulation of the troup_table_nav argument, l...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/21 8:0 a.m.10 views

EUVD-2026-38153

A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of the component Learning Progress Tracking. Such manipulation of the argument trouptablenav leads t...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/21 8:0 a.m.34 views

CVE-2026-12789 ILIAS Learning Management System Learning Progress Tracking class.ilTrQuery.php executeQueries sql injection

A vulnerability was identified in ILIAS Learning Management System 11.0. This issue affects the function ilTrQuery::executeQueries of the file components/ILIAS/Tracking/classes/class.ilTrQuery.php of the component Learning Progress Tracking. Such manipulation of the argument trouptablenav leads t...

5.8CVSS0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.12 views

PT-2026-51207

Name of the Vulnerable Software and Affected Versions ILIAS Learning Management System version 11.0 Description An issue exists in the Learning Progress Tracking component within the ilTrQuery::executeQueries function of the components/ILIAS/Tracking/classes/class.ilTrQuery.php file. Remote...

5.8CVSS5.8AI score0.00206EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fixed the issue with zerovruntime tracking. John reported that stress-ng-yield could cause his machine to behave abnormally. He managed to bisect the process to commit the change identified as b3d99f43c72b „sched/fair...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
Rows per page
Query Builder