Lucene search
K

313 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005184)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005184 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0...

7.8CVSS6.7AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003769 advisory. An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because...

4.9CVSS6.5AI score0.0173EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003346)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003346 advisory. fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink...

5.5CVSS6.9AI score0.00486EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2026/01/14 12:26 a.m.5 views

SUSE CVE-2025-71069

In the Linux kernel, the following vulnerability has been resolved: f2fs: invalidate dentry cache on failed whiteout creation F2FS can mount filesystems with corrupted directory depth values that get runtime-clamped to MAXDIRHASHDEPTH. When RENAMEWHITEOUT operations are performed on such...

6.2AI score0.00173EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 8 : kernel-4.18.0-553.63.1.el8_10 (AXSA:2025-10602:47)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10602:47 advisory. kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: net: ch9200: fix uninitialised access during miinwayrestart...

7.8CVSS7.2AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000281 advisory. An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because...

4.9CVSS6.5AI score0.0173EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.12 views

PT-2026-27716

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the pipapo set type in the netfilter module. A large number of expired elements can cause the garbage collection process to run fo...

7.8CVSS5.8AI score0.00119EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/04 4:15 a.m.13 views

CVE-2025-10304

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the processstatusunlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated...

5.3CVSS5.4AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/03 3:27 a.m.4 views

EUVD-2025-200726

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the processstatusunlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticated...

5.3CVSS5AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/03 12:0 a.m.9 views

PT-2025-48791

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the process status unlink function in all versions up to, and including, 2.3.8. This makes it possible for unauthenticate...

5.3CVSS5.4AI score0.00196EPSS
Exploits0References3
NVD
NVD
added 2025/11/28 4:16 a.m.6 views

CVE-2025-13737

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink th...

4.3CVSS0.00129EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/28 3:27 a.m.3 views

CVE-2025-13737 Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink th...

4.3CVSS4.9AI score0.00129EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/28 3:27 a.m.6 views

CVE-2025-13737 Nextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social Login

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink th...

4.3CVSS0.00129EPSS
Exploits0References3
CVE
CVE
added 2025/11/28 3:27 a.m.13 views

CVE-2025-13737

The CVE-2025-13737 entry covers the WordPress plugin Nextend Social Login and Register (WordPress Nextend Facebook Connect) with a Cross-Site Request Forgery (CSRF) vulnerability tracked up to version 3.1.21. The underlying issue is missing or incorrect nonce validation in the unlinkUser function...

4.3CVSS4.9AI score0.00129EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.5 views

PT-2025-48311

The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.21. This is due to missing or incorrect nonce validation on the 'unlinkUser' function. This makes it possible for unauthenticated attackers to unlink th...

4.3CVSS5.2AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/27 12:58 a.m.10 views

CVE-2025-66252

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink fails in statuscontents.php causing DoS. Due to the...

8.4CVSS6.9AI score0.00317EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/26 3:30 a.m.5 views

EUVD-2025-199680

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink fails in statuscontents.php causing DoS. Due to the...

8.4CVSS6.4AI score0.00317EPSS
Exploits1References2
NVD
NVD
added 2025/11/26 1:16 a.m.9 views

CVE-2025-66252

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink fails in statuscontents.php causing DoS. Due to the...

8.4CVSS0.00317EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/26 12:34 a.m.10 views

CVE-2025-66252 Infinite Loop Denial of Service via Failed File Deletion

Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Infinite loop when unlink fails in statuscontents.php causing DoS. Due to the...

8.4CVSS0.00317EPSS
Exploits1References1
CVE
CVE
added 2025/11/26 12:34 a.m.12 views

CVE-2025-66252

CVE-2025-66252 affects the DB Electronica Mozart FM Transmitter family (versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000). Root cause: a failed unlink() in status_contents.php is performed inside a while loop, so if a file is immutable or the process lacks delete permissions, th...

8.4CVSS6.5AI score0.00317EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder