Lucene search
K

4552 matches found

CVE
CVE
added yesterday69 views

CVE-2026-15409

Summary: CVE-2026-15409 is a Server-Side Request Forgery (SSRF) affecting SonicWall SMA1000 Appliances (Work Place interface). A remote unauthenticated attacker could force the appliance to make requests to unintended locations. The vulnerability is rated CVSS v3.1: 10.0 (CRITICAL) with network a...

10CVSS7AI score
In wildExploits3References2Affected Software1
Cvelist
Cvelist
added yesterday33 views

CVE-2026-15409

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location...

Exploits3References1
AstraLinux
AstraLinux
added 6 days ago8 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: A race condition in espintcpclose has been fixed. This issue was discovered during a code audit. After espintcpclose is called, espintcptxwork can still be scheduled using functions like the Delayed ACK handler or...

7.8CVSS6AI score0.00101EPSS
Exploits0References4
CVE
CVE
added 2026/07/08 8:46 p.m.83 views

CVE-2026-8472

CVE-2026-8472 affects GitLab Enterprise Edition and reports a privilege/authorization issue where an authenticated user with minimal access could read work item metadata from private projects. The root cause is missing authorization checks, enabling unintended metadata access. Affected versions i...

4.3CVSS6AI score0.00243EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/08 8:46 p.m.34 views

CVE-2026-8472 Missing Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS0.00243EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/08 8:46 p.m.7 views

EUVD-2026-42405

GitLab has remediated an issue in GitLab EE affecting all versions from 18.9 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with minimal access permissions to read work item metadata from private projects due to...

4.3CVSS6AI score0.00243EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.10 views

PT-2026-56617

Name of the Vulnerable Software and Affected Versions GitLab EE versions 18.9 through 18.11.6 GitLab EE versions 19.0 through 19.0.3 GitLab EE versions 19.1 through 19.1.1 Description An issue exists where missing authorization checks could allow an authenticated user with minimal access...

4.3CVSS6.1AI score0.00243EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/07/03 3:5 a.m.8 views

SUSE CVE-2026-53097

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...

5.8AI score0.00168EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53357

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: fix UAF in l2capsockcleanuplisten vs l2capconndel btacceptdequeue unlinks a not- yet-accepted child from the parent accept queue and releasesocks it...

7.8CVSS7.1AI score0.00165EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:3 a.m.11 views

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

9.8CVSS6.9AI score0.03663EPSS
Exploits32References449
OSV
OSV
added 2026/06/30 8:30 a.m.3 views

CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/29 3:8 p.m.9 views

CVE-2026-55686

A flaw was found in Podman. A remote attacker can exploit this vulnerability by running a malicious container image where the WORKDIR working directory path contains a symbolic link symlink. This can lead to the creation of a directory or modification of ownership on the host filesystem,...

5.8CVSS5.7AI score0.00317EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7915: fix use-after-free bugs in mt7915macdumpwork When the mt7915 pci chip is detaching, the mt7915crashdata is released in...

6.1AI score0.00168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in...

6.1AI score0.00168EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/27 1:12 a.m.5 views

[SECURITY] Fedora 44 Update: nginx-mod-js-challenge-0^20230517.gitda6852d-9.fc44

Simple JavaScript proof-of-work based access for Nginx with virtually no over head...

9.2CVSS7AI score0.03552EPSS
Exploits4
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-49355

OpenProject is open-source, web-based project management software. Prior to 17.4.0, GET /api/v3/meetings/:meetingid/agendaitems/:agendaitemid discloses private work package data from a linked work package that belongs to a private/inaccessible project. This vulnerability is fixed in 17.4.0...

4.3CVSS0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44735

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user with the viewsharedworkpackages permission. The authorization check operates at the project level onl...

6.5CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:32 p.m.24 views

CVE-2026-44735 OpenProject: Shares API Information Disclosure

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user with the viewsharedworkpackages permission. The authorization check operates at the project level onl...

6.5CVSS0.0027EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:32 p.m.6 views

CVE-2026-44735

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user with the viewsharedworkpackages permission. The authorization check operates at the project level onl...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/26 7:32 p.m.13 views

CVE-2026-44735

Technical details for CVE-2026-44735 are not publicly available in the provided documents. Monitor for updates.

6.5CVSS5.8AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder