Lucene search
K

318 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-13492

The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWPValidation::validatefields function which falls through to sanitizetextfield for fields of type 'file',...

8.8CVSS0.00525EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-13492

The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWPValidation::validatefields function which falls through to sanitizetextfield for fields of type 'file',...

8.8CVSS6AI score0.00525EPSS
Exploits0References9
Amazon
Amazon
added 6 days ago7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit CVE-2026-23449 In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux...

9.8CVSS6AI score0.00742EPSS
Exploits0
NVD
NVD
added 2026/07/01 4:16 p.m.38 views

CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

6.5CVSS0.00351EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:19 p.m.9 views

CVE-2026-58029

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php,...

5.3CVSS5.8AI score0.00351EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.15 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS0.00138EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38974

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not allow deleting local storage in NMI Currently, local storage may deadlock when deferring freeing selem or local storage through kfreercu, callrcu or callrcutaskstrace in NMI or reentrant. Since deleting selem in NMI i...

5.8AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52000

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the Linux kernel when deleting local storage within a Non-Maskable Interrupt NMI or reentrant context. This happens when freeing storage elements through kfree rc...

6AI score0.00145EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.17 views

Fedora 44 : pie (2026-e5d5fc359d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e5d5fc359d advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

6.4AI score
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/01 7:40 a.m.21 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013...

8.8CVSS6.5AI score0.00604EPSS
Exploits2References294
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:4 a.m.7 views

btrfs: fix missing last_unlink_trans update when removing a directory

...

6.1CVSS5.4AI score0.00128EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.13 views

SUSE CVE-2026-46160

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing lastunlinktrans update when removing a directory When removing a directory we are not updating its lastunlinktrans field, which can result in incorrect fsync behaviour in case some one fsyncs the directory afte...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.40 views

Linux Distros Unpatched Vulnerability : CVE-2026-46160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix missing lastunlinktrans update when removing a directory When removing a directory we are not updating its lastunlinktrans field, which can result in...

5.5CVSS6.7AI score0.00128EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46160

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing lastunlinktrans update when removing a directory When removing a directory we are not updating its lastunlinktrans field, which can result in incorrect fsync behaviour in case some one fsyncs the directory afte...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.36 views

CVE-2026-46160 btrfs: fix missing last_unlink_trans update when removing a directory

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing lastunlinktrans update when removing a directory When removing a directory we are not updating its lastunlinktrans field, which can result in incorrect fsync behaviour in case some one fsyncs the directory afte...

0.00128EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.17 views

SUSE CVE-2026-46002

In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero inlink and valid mode in ext2iget ext2iget already rejects inodes with inlink == 0 when imode is zero or idtime is set, treating them as deleted. However, the case of inlink == 0 with a non-zero mode...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.26 views

PT-2026-44283

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the btrfs file system where the last unlink trans field is not updated when removing a directory. This can lead to incorrect fsync behavior if a user performs an fsync...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43869

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext2 filesystem where the ext2 iget function fails to reject inodes that have a link count i nlink of zero while maintaining a valid mode and a zero deletion time ...

5.5CVSS6AI score0.00123EPSS
Exploits0
NVD
NVD
added 2026/05/21 10:16 a.m.15 views

CVE-2026-45251

A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...

7.8CVSS0.0017EPSS
Exploits0References1
Rows per page
Query Builder