Lucene search
+L

382 matches found

Circl
Circl
added 2026/01/21 8:1 a.m.8 views

CVE-2026-24061

creationtimestamp| type| source ---|---|--- 2026-01-21 08:01:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcw7ecrteg25 2026-01-21 09:38:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcwers7abk2t 2026-01-21 12:18:21+00:00| seen|...

9.8CVSS8.3AI score0.98871EPSS
Exploits62References168
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004011 advisory. In the Linux kernel before 5.0.6, there is a NULL pointer dereference in dropsysctltable in fs/proc/procsysctl.c, related to putlinks, aka CID-23da9588037e. Tenable...

5.5CVSS6.6AI score0.00477EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/01/14 7:7 p.m.2 views

CVE-2026-22036

Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This...

7.5CVSS5.5AI score0.00433EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/10 2:57 a.m.10 views

CVE-2026-22597 Ghost has SSRF via External Media Inliner

Ghost is a Node.js content management system. In versions 5.38.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost’s media inliner mechanism allows staff users in possession of a valid authentication token for the Ghost Admin API to exfiltrate data from internal systems via SSRF...

5.1CVSS6.6AI score0.00265EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.7 views

CVE-2022-26301

TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App\Manage\Controller\ZhuantiController.class.php...

9.8CVSS8.3AI score0.01064EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.23 views

CVE-2023-45806

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...

5.4CVSS6.6AI score0.00999EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.10 views

CVE-2023-40662

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jonk @ Follow me Darling Cookies and Content Security Policy.This issue affects Cookies and Content Security Policy: from n/a through 2.15...

7.5CVSS7.8AI score0.00552EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:2 a.m.6 views

CVE-2023-25041

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Cththemes Monolit theme = 2.0.6 versions...

7.1CVSS5.8AI score0.00408EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/02 6:30 p.m.4 views

EUVD-2026-0064

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

5.5AI score
Exploits0References1
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.7 views

WordPress plugin WP Adminify 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.4CVSS6.6AI score0.00214EPSS
Exploits0References1
Circl
Circl
added 2025/12/23 9:47 a.m.7 views

CVE-2022-50690

creationtimestamp| type| source ---|---|--- 2025-12-23 09:47:19+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3manhqpl7h42e...

8.5CVSS5.8AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:32 a.m.6 views

EUVD-2025-203058

The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'orderby' parameter in all versions up to, and including, 0.6.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS6.3AI score0.00342EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

WordPress plugin WPNakama SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL...

7.5CVSS7.5AI score0.00342EPSS
Exploits0References7
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

DEBIAN-CVE-2022-50673

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4orphancleanup I caught a issue as follows: ================================================================== BUG: KASAN: use-after-free in listaddvalid+0x28/0x1a0 Read of size 8 at addr...

5.5AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 3:49 p.m.4 views

CVE-2022-50675

A vulnerability was found in the ARM64 Memory Tagging Extension MTE implementation in the Linux kernel. The PGmtetagged bit was being incorrectly set on pages that should not have MTE tags, causing conflicts with KASAN hardware tag checking. When pages are migrated, incorrect tags could be copied...

5.5CVSS6.2AI score0.00211EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/09 1:16 a.m.10 views

CVE-2022-50635

In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in archpreparekprobe I found a null pointer reference in archpreparekprobe: echo 'p cmdlineprocshow' kprobeevents echo 'p cmdlineprocshow+16' kprobeevents Kernel attempted to read user...

6.3AI score0.00178EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 1:16 a.m.5 views

CVE-2022-50648

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix recursive locking directmutex in ftracemodifydirectcaller Naveen reported recursive locking of directmutex with sample ftrace-direct-modify.ko: 74.762406 WARNING: possible recursive locking detected 74.762887 6.0.0-rc...

5.7AI score0.00162EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/08 11:32 p.m.10 views

CVE-2022-50626

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...

5.5CVSS5.7AI score0.00203EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.27 views

CVE-2025-65230

Barix Instreamer v04.06 and v04.05 contains a stored cross-site scripting XSS vulnerability in the Web UI Configuration Streaming Destination input...

0.00171EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 5:22 p.m.6 views

Malicious code in elf-stats-cocoa-train-606-pwn2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38b2f0588d3a0e33bfd993faa485a07e4cd60d4c7efb4c33ed006e9c29f20c50 The package elf-stats-cocoa-train-606-pwn2 was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder