Lucene search
K

39149 matches found

Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-52988 netfilter: nf_tables: join hook list via splice_list_rcu() in commit phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

7.1CVSS0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52988

The CVE-2026-52988 issue affects the Linux kernel netfilter nf_tables code, specifically the join hook list updated via splice_list_rcu() during commit phases. The vulnerability arises when new hooks are published to the basechain/flowtable while a concurrent ruleset update is ongoing, potentiall...

7.1CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

8.1CVSS7.2AI score0.00421EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2026/06/24 12:3 p.m.7 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

9.6CVSS5.9AI score0.00476EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/24 10:0 a.m.11 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

9.1CVSS6.7AI score0.01557EPSS
Exploits1References3
NCSC
NCSC
added 2026/06/24 9:1 a.m.6 views

The vulnerabilities in libssh2 are addressed through libssh.

LibSSH has vulnerabilities in libssh2, including versions up to 1.11.1. The first vulnerability involves a denial-of-service attack during the pre-authentication phase, within the SSHMSGEXTINFO handler. A malicious SSH server can send a specially constructed extensioncount value, causing the clie...

9.2CVSS6.2AI score0.00732EPSS
Exploits10References2
NVD
NVD
added 2026/06/24 7:16 a.m.8 views

CVE-2026-10735

Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...

7.5CVSS0.00387EPSS
Exploits1References1
CVE
CVE
added 2026/06/24 7:14 a.m.15 views

CVE-2026-52930

The CVE concerns the Linux kernel’s shared memory (ipc/shm) subsystem, specifically the orphan cleanup path. The vulnerability arises because shm_destroy_orphaned() traverses shm IDs under shm_ids(ns).rwsem but shm_nattch can be updated while holding shm_perm.lock, and attach paths may modify it ...

5.7AI score0.00165EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52930

In the Linux kernel, the following vulnerability has been resolved: ipc/shm: serialize orphan cleanup with shmnattch updates shmdestroyorphaned walks the shm idr under shmidsns.rwsem, but that does not serialize all fields tested by shmmaydestroy. In particular, shmnattch is updated while holding...

5.6AI score0.00165EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/24 6:0 a.m.8 views

CVE-2026-10735

Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...

6.2AI score0.00387EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/24 6:0 a.m.6 views

EUVD-2026-38693

Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...

7.5CVSS6.2AI score0.00387EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.8 views

CVE-2026-9724

The MotorDesk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the motordeskadminhome function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS5.8AI score0.00145EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 5:33 a.m.8 views

CVE-2026-9724

The CVE concerns the MotorDesk WordPress plugin up to version 1.1.2 . It is vulnerable to Cross-Site Request Forgery (CSRF) due to missing/incorrect nonce validation on the function motordesk_admin_home . This allows unauthenticated attackers to modify the plugin’s configuration, including the se...

4.3CVSS5.8AI score0.00145EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51856

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer leak occurs in the ceph module within the ceph setxattr function. During a retry operation, the old blob variable can store the value of ci-i xattrs.prealloc blob, but the ceph...

6.1AI score0.00184EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52085

Name of the Vulnerable Software and Affected Versions HP Accessory WMI Provider installer affected versions not specified Description A security issue exists in the HP Accessory WMI Provider installer used for certain HP Docking Stations. This flaw could allow an attacker to achieve escalation of...

7.3CVSS6AI score0.00096EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf tables component where the process of joining the hook list during the commit phase was not handled safely. This could lead to unsafe netlink dump lis...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51677

Name of the Vulnerable Software and Affected Versions Welcome Software Publishing versions prior to 0.0.32 Description The plugin is subject to an Arbitrary Options Update issue caused by a missing capability check in the nc setOption function, which is exposed through the 'nc.setOption' XML-RPC...

8.8CVSS5.8AI score0.00463EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ipc/shm component where the shm destroy orphaned function iterates through the shm idr using shm idsns.rwsem, which fails to serialize all fields evaluated by shm...

5.9AI score0.00165EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

Oracle Linux 9 : unbound (ELSA-2026-24369)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24369 advisory. - Fix CVE-2026-33278 RHEL-177822 Fix CVE-2026-42944 RHEL-177936 Fix CVE-2026-42959 RHEL-177797 Tenable has extracted the preceding description block...

10CVSS6AI score0.01272EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Oracle Linux 9 : thunderbird (ELSA-2026-21381)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-21381 advisory. 140.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.11.0 - Add OpenELA debranding 140.11.0-1 - Update to 140.11.0 ESR...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References20
Rows per page
Query Builder