Lucene search
K

4527 matches found

CVE
CVE
added 2026/06/23 4:14 p.m.17 views

CVE-2026-34912

Affected software: Revive Adserver ≤ 6.0.6. Vulnerability: Missing access control when linking banners or campaigns to a zone via zone-include.php or the API. Impact (as stated): A low-privileged user could link zones to banners/campaigns owned by other managers on the same instance, causing inco...

4.3CVSS5.8AI score0.00235EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 4:14 p.m.13 views

CVE-2026-34915

CVE-2026-34915 affects Revive Adserver 6.0.6 and earlier due to missing sanitisation in zone-include.php, enabling a low-privileged attacker to exploit the clientid parameter to perform blind SQL injection. The public sources confirm input validation improvements were implemented to ensure all pa...

6.1CVSS6.1AI score0.00217EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:14 p.m.31 views

CVE-2026-34914

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...

8.3CVSS0.00298EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 4:14 p.m.32 views

CVE-2026-34912

A missing access control check when linking banners or campaigns to a zone through the zone-include.php script of Revive Adserver 6.0.6 and earlier, or via its API allows a low‑privileged user could link their zones to banners or campaigns owned by other managers on the same instance, resulting i...

4.3CVSS0.00235EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51577

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2026.5.3 Description The LocationSensorManager BroadcastReceiver is exported without requiring permissions. This allows any installed application on the device, regardless of its runtime permissions, to send a...

7.1CVSS5.8AI score0.00113EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.12 views

PT-2026-53084

Name of the Vulnerable Software and Affected Versions 7-Zip for Windows versions prior to 26.02 Description 7-Zip fails to preserve the Mark-of-the-Web MotW when extracting a specially crafted RAR5 archive. The software uses a guard to suppress archive-supplied Zone.Identifier streams, but it onl...

4.8CVSS5.8AI score0.00119EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

SUSE SLES12 Security Update : amazon-ssm-agent (SUSE-SU-2026:2468-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2468-1 advisory. This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh...

10CVSS7AI score0.00868EPSS
Exploits3References52
OSV
OSV
added 2026/06/19 7:35 p.m.4 views

GHSA-X84V-G949-293W Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN

Summary The Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False. A comment next to that line says auth is instead handled "via the access token from configuration." That...

7.6CVSS6AI score0.00193EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/19 7:35 p.m.8 views

Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN

Summary The Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False. A comment next to that line says auth is instead handled "via the access token from configuration." That...

7.6CVSS6AI score0.00193EPSS
Exploits1References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal: The race that occurs during the removal of the thermal zone during resume can be avoided. Since thermalzonepmComplete and thermalzonedeviceresume reinitialize the delayed work of pollqueue for the given thermal zone,...

7.8CVSS6AI score0.00125EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fixed a crash that occurred when setting the number of CPU cores to an odd number. When the number of CPU cores is adjusted to 7 or other odd numbers, the size of the zones becomes an odd number. The addresses of thes...

5.5CVSS5.8AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dm: limiting swapping tables for devices with zone write plugs The dmrevalidatezones function only allows new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would alway...

5.5CVSS6.7AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Recursion was removed during the parsing of zones. Powercap zones can be defined as being arranged in a hierarchical tree structure. When registering a zone using powercapregisterzone, the kernel’s powercap...

5.5CVSS5.3AI score0.00147EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Added a null pointer check to pszkmsgread. The kasprintf function returns a pointer to dynamically allocated memory, which may be NULL in case of failure. Ensure that the allocation was successful by checking the...

5.5CVSS6.1AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fixed the potential NULL pointer dereferencing issue. If sdprobe encounters an error before sdkp-device is initialized, sdzbcreleasedisk is called. This leads to a NULL pointer dereferencing issue when sdiszoned is call...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: Avoid scanning potential huge holes. When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if the end PFN of the requested free memory region is huge e.g., 0x400000000, then nodeendpfn...

5.5CVSS5.9AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Zoned – Initialize the device’s zone info for seeding When performing seeding on a zoned filesystem, it is necessary to initialize the btrfszoneddeviceinfo structure of each zoned device. Otherwise, mounting the filesystem...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Thermal: Fix for double-free on unregistration Since commit 3d439b1a2ad3 “thermal/core: Alloc-copy-free the thermal zone parameters structure”, the thermalzonedeviceregister function allocates a copy of the tzp argument and frees...

5.2AI score0.00156EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory upon removing a zone Since thermaldebugtzremove does not free all the memory allocated for thermal zone diagnostics, some of that memory becomes unreachable after freeing the...

5.5CVSS5.6AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

5.5CVSS6.3AI score0.00143EPSS
Exploits0References2
Rows per page
Query Builder