Lucene search
+L

204 matches found

nessus
nessus
added 2026/07/02 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets...

6AI score0.00164EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/07/01 7:51 p.m.5 views

CVE-2026-53352

A flaw was found in the Linux kernel. A race condition exists in the zapotherthreads function where job control flags are not properly cleared for the calling thread. This can occur when a multi-threaded process receives a stop signal, and one of its threads concurrently calls execve. The...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
nvd
nvd
added 2026/07/01 2:16 p.m.4 views

CVE-2026-53352

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

0.00164EPSS
Exploits0References8
debiancve
debiancve
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53352

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

5.7AI score0.00164EPSS
Exploits0
euvd
euvd
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40986

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

5.8AI score0.00164EPSS
Exploits0References8
cve
cve
added 2026/07/01 1:32 p.m.23 views

CVE-2026-53352

Summary: CVE-2026-53352 affects the Linux kernel’s thread-stop handling. When a multi-threaded process receives a stop signal, do_signal_stop() sets JOBCTL_STOP_PENDING and JOBCTL_STOP_CONSUME on all threads and tracks group_stop_count. If one thread concurrently execs, zap_other_threads() kills ...

5.8AI score0.00164EPSS
Exploits0References8
osv
osv
added 2026/07/01 1:32 p.m.2 views

CVE-2026-53352 signal: clear JOBCTL_PENDING_MASK for caller in zap_other_threads()

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

5.8AI score0.00164EPSS
Exploits0References11
nvd
nvd
added 2026/06/24 2:17 p.m.10 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

8.8CVSS0.0042EPSS
Exploits0References1
osv
osv
added 2026/06/24 2:17 p.m.4 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

8.8CVSS6.4AI score
Exploits0References1
cve
cve
added 2026/06/24 1:20 p.m.31 views

CVE-2026-57301

CVE-2026-57301 affects Jenkins OWASP ZAP Plugin,

8.8CVSS6.3AI score0.0042EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/06/24 1:20 p.m.36 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

0.0042EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/24 1:20 p.m.5 views

CVE-2026-57301

Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller...

8.8CVSS6.3AI score0.0042EPSS
Exploits0References2
nessus
nessus
added 2026/06/24 12:0 a.m.7 views

Jenkins plugins Multiple Vulnerabilities (2026-06-24)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing...

8.8CVSS6.3AI score0.00595EPSS
Exploits0References29
nvd
nvd
added 2026/06/19 5:16 p.m.13 views

CVE-2017-20268

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS0.0027EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/19 4:11 p.m.32 views

CVE-2017-20268 Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS0.0027EPSS
Exploits0References4
euvd
euvd
added 2026/06/19 4:11 p.m.7 views

EUVD-2017-18995

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/19 4:11 p.m.7 views

CVE-2017-20268 Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
cve
cve
added 2026/06/19 4:11 p.m.20 views

CVE-2017-20268

The CVE covers Joomla! component Zap Calendar Lite 4.3.4, where an SQL injection via the eid parameter allows unauthenticated attackers to execute arbitrary SQL queries. Attack vectors include sending crafted GET requests to the RSVP endpoint to extract sensitive information, such as database nam...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/06/19 4:11 p.m.7 views

CVE-2017-20268

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/06/08 5:34 p.m.13 views

OPENSUSE-SU-2026:20928-1 Security update for syft

This update for syft fixes the following issues: Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier should distinguish between MySQL Cluster ndb and MySQL 3297 4907 @witchcraze - Catalog...

9.8CVSS7.5AI score0.01312EPSS
Exploits0References1
Rows per page
Query Builder