Lucene search
K

16 matches found

Vulnrichment
Vulnrichment
added 2026/05/27 4:29 a.m.10 views

CVE-2026-6287 ShopLentor - WooCommerce Builder for Elementor & Gutenberg <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Product Grid 'blockUniqId' Block Attribute

The ShopLentor - WooCommerce Builder for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockUniqId' block attribute in multiple Product Gride blocks in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escapin...

5.4CVSS6AI score0.00197EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 4:29 a.m.9 views

CVE-2026-6287

The ShopLentor - WooCommerce Builder for Elementor & Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blockUniqId' block attribute in multiple Product Gride blocks in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escapin...

5.4CVSS6AI score0.00197EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/23 11:12 a.m.34 views

CVE-2026-31532 can: raw: fix ro->uniq use-after-free in raw_rcv()

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...

7.8CVSS0.00124EPSS
Exploits0References9
CVE
CVE
added 2026/04/23 11:12 a.m.100 views

CVE-2026-31532

CVE-2026-31532 affects the Linux kernel’s raw CAN socket implementation. A use-after-free can occur when, during unregistration of CAN receive filters, the kernel defers receiver deletion with RCU and frees per-CPU storage ro-&gt;uniq too early in raw_release(). The fix moves free_percpu(ro-&gt;u...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.10 views

PT-2026-34658

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the SocketCAN subsystem of the Linux kernel. The raw release function unregisters raw CAN receive filters through can rx unregister, but the deletion of the...

7.8CVSS5.9AI score0.00124EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of a freed resource after the release of the ro-uniq operation in rawrcv. This could le...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : coreutils-8.4-31.2.0.1.AXS4 (AXSA:2014-028:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-028:01 advisory. These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security issues fixed...

4.3CVSS6.2AI score0.07238EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-0256

Malware in sbrugna...

2.1CVSS5.4AI score0.00384EPSS
Exploits0References9
F5 Networks
F5 Networks
added 2023/02/21 7:46 p.m.50 views

K16859: SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223

Security Advisory Description CVE-2013-0221 The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the sort command, when using the 1 -d or 2 -M switch, which triggers a stack-based buffer...

4.3CVSS5.7AI score0.07238EPSS
Exploits2Affected Software18
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.2 views

SUSE CVE-2013-0222

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...

2.1CVSS7.2AI score0.00384EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.5 views

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command which triggers a stack-based buffer overflow in the alloca function.

...

2.1CVSS7AI score0.00384EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2013/11/23 6:55 p.m.36 views

CVE-2013-0222

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...

2.1CVSS6.2AI score0.00384EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/11/20 4:43 p.m.2 views

coreutils: segfault in uniq with long line input

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function...

2.1CVSS6.5AI score0.00384EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/09/26 12:0 a.m.37 views

SuSE 11.2 / 11.3 Security Update : coreutils (SAT Patch Numbers 8334 / 8336)

This coreutils update fixes three minor security issues : - VUL-1: CVE-2013-0221: segmentation fault in 'sort -d' and 'sort -M' with long line input. bnc798538 - VUL-1: CVE-2013-0222: segmentation fault in 'uniq' with long line input. bnc796243 - VUL-1: CVE-2013-0223: segmentation fault in 'join...

4.3CVSS5.6AI score0.07238EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2013/04/20 12:0 a.m.38 views

Mandriva Linux Security Advisory : coreutils (MDVSA-2013:023-1)

Multiple vulnerabilities has been found and corrected in coreutils : Long line inputs could trigger a segfault in the sort, uniq and join utilities CVE-2013-0221, CVE-2013-0222, CVE-2013-0223. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Network...

4.3CVSS5.6AI score0.07238EPSS
Exploits2References6
securityvulns
securityvulns
added 2013/03/24 12:0 a.m.43 views

sort, uniq, join utilities resources exhaustion

Resources exhaustion on oversized string...

4.3CVSS3.3AI score0.07238EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder