Lucene search
K

1100 matches found

CVE
CVE
added 2 days ago13 views

CVE-2026-6382

The CVE affects multiple elFinder-based WordPress plugins: FileOrganizer (before 1.1.9), Advanced File Manager (before 5.4.12), File Manager Pro (before 2.1.1), and File Manager (before 8.0.4). The root cause is improper escaping of a parameter passed to a shell command during image operations, e...

9.1CVSS6AI score0.00902EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-53334

A flaw was found in the Linux kernel's Data Access Monitor DAMON reclaim and Least Recently Used LRU sort mechanisms. This vulnerability arises from an incorrect assumption that a memory allocation will always succeed. If the allocation fails, a NULL pointer is dereferenced, which can lead to...

5.8AI score0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 11:20 a.m.31 views

CVE-2026-53692 Weak hashing algorithm in Redeight CMS

Redeight CMS version 1.0 uses the MD5 algorithm without a salt to store user passwords. Because MD5 is a cryptographically broken algorithm and lacks salting, attackers who obtain the password hashes can trivially reverse them using rainbow tables, leading to the exposure of plaintext credentials...

5.9CVSS0.00082EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53301

In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.7 views

CVE-2026-52965

A flaw was found in the Linux kernel's TTM Trusted Memory Manager component. When the ttmttswapout function fails, a resource is incorrectly added to the Least Recently Used LRU list. This misplacement can lead to an infinite loop during subsequent list processing, causing the system to become...

5.5CVSS5.8AI score0.00167EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38833

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52965

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure When ttmttswapout fails, the current code calls ttmresourceaddbulkmove followed by ttmresourcemovetolrutail to restore the resource's bulkmove membership. However,...

5.8AI score0.00167EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/22 12:0 p.m.5 views

MAL-2026-6313 Malicious code in @zynkit/jwtbytes (npm)

@zynkit/jwtbytes malicious version 0.5.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6.5AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.8 views

PT-2026-51453

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.3 Description The application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by recaptcha...

7.4CVSS6AI score0.0029EPSS
Exploits1References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/migratedevice: Do not add the “folio” to be freed to the LRU list during migratedevicefinalize. If the migration succeeds, we call foliomigrateflags-memcgroupmigrate to migrate the memcg from the old to the new “folio”. This...

5.5CVSS6.3AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. The snprintf function returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buff...

7.8CVSS6.2AI score0.00179EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/05 4:20 p.m.15 views

NocoDB: OAuth Authorization Code Race Condition

Summary Two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. Details The token-exchange flow read isused and called markAsUsed as an unconditional upda...

6.3CVSS5.6AI score0.00197EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.10 views

SUSE CVE-2026-45861

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

7.8CVSS5.8AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.13 views

SUSE CVE-2026-46067

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32327

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

5.8AI score0.00159EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46020

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

7.1CVSS0.00124EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:16 p.m.24 views

CVE-2026-45861

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

7.8CVSS0.00159EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:16 p.m.8 views

UBUNTU-CVE-2026-45861

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/27 12:57 p.m.12 views

EUVD-2026-32449

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

5.9AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:57 p.m.26 views

CVE-2026-46067

CVE-2026-46067 affects the Linux kernel DAMON core. The issue arises because the code path in mm/damon/core validates the node-datas used by NODE-DATA() relies on damos_quota_goal->nid but does not validate its value, allowing an arbitrary nid to be supplied for node_memcg_{used,free}_bp. This...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder