Lucene search
+L

821 matches found

nuclei
nuclei
added yesterday65 views

Progress ShareFile Storage Zones Controller - Authentication Bypass

Customer Managed ShareFile Storage Zones Controller SZC contains an authentication bypass Execution After Redirect that allows unauthenticated attackers to access restricted configuration pages. This leads to changing system configuration and potential remote code execution. id: CVE-2026-2699 inf...

9.8CVSS7.2AI score0.49424EPSS
Exploits1References3
redhat
redhat
added 2026/06/30 1:11 p.m.4 views

postgresql: PostgreSQL: Information disclosure via externally-controlled format string in timeofday() function

A flaw was found in PostgreSQL. This vulnerability, an externally-controlled format string in the timeofday function, allows a remote attacker to craft specific timezone zones. Successful exploitation can lead to the retrieval of sensitive portions of server memory, potentially disclosing...

4.3CVSS6.1AI score0.00208EPSS
Exploits0References5
nessus
nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : bind (EulerOS-SA-2026-2434)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...

7.5CVSS6.1AI score0.01545EPSS
Exploits0References2
cve
cve
added 2026/06/25 12:59 p.m.16 views

CVE-2026-42388

Technical details are not publicly available in the provided documents. Monitor for updates.

5.9CVSS5.8AI score0.004EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/25 12:59 p.m.32 views

CVE-2026-42388 Missing input validation for catalog zones

Incomplete validation of the SOA record present in a catalog zone might lead to a crash...

5.9CVSS0.004EPSS
Exploits0References1
osv
osv
added 2026/06/25 12:59 p.m.1 views

CVE-2026-42388 Missing input validation for catalog zones

Incomplete validation of the SOA record present in a catalog zone might lead to a crash...

5.9CVSS5.9AI score0.004EPSS
Exploits0References5
nessus
nessus
added 2026/06/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-52992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/adfs: validate nzones in adfsvalidatebblk Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When...

7.8CVSS6.1AI score0.00138EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/24 8:45 p.m.10 views

CVE-2026-53127

A flaw was found in the Linux kernel's block subsystem. This vulnerability allows for a memory leak when zone revalidation fails, specifically when blkrevalidatediskzones encounters an error after memory has been allocated for zonescond. This can lead to resource exhaustion, potentially resulting...

5.5CVSS5.7AI score0.00145EPSS
Exploits0References4
nvd
nvd
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52992

In the Linux kernel, the following vulnerability has been resolved: fs/adfs: validate nzones in adfsvalidatebblk Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When nzones is 0, adfsreadmap passes it to kmallocarray0, ... which return...

7.8CVSS0.00138EPSS
Exploits0References8
cve
cve
added 2026/06/24 4:29 p.m.16 views

CVE-2026-52992

CVE-2026-52992 is a Linux kernel vulnerability affecting ADFS boot-time validation. The issue arises when nzones equals 0 during adfs boot-block validation, leading to an out-of-bounds write (adfs_map_layout writes dm[-1]) via kmalloc_array(0, …). A fix adds the equivalent rejection in adfs_valid...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/06/24 4:29 p.m.5 views

CVE-2026-52992 fs/adfs: validate nzones in adfs_validate_bblk()

In the Linux kernel, the following vulnerability has been resolved: fs/adfs: validate nzones in adfsvalidatebblk Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When nzones is 0, adfsreadmap passes it to kmallocarray0, ... which return...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References11
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dm: fixed the unlocked test for dmsuspendedmd. The function dmblkreportzones checks whether the device is suspended using the dmsuspendedmd call. However, this function is called without holding any locks, so the device may be...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References2
euvd
euvd
added 2026/06/23 4:14 p.m.6 views

EUVD-2026-38501

A missing access control check when linking banners or campaigns to a zone through the zone-include.php script of Revive Adserver 6.0.6 and earlier, or via its API allows a low‑privileged user could link their zones to banners or campaigns owned by other managers on the same instance, resulting i...

4.3CVSS5.8AI score0.00235EPSS
Exploits1References1
euvd
euvd
added 2026/06/10 1:6 p.m.11 views

EUVD-2026-36023

Missing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine other users' configured timezone and to enumerate view names of other users' "My Views"...

4.3CVSS5.5AI score0.00234EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.12 views

PT-2026-48424

Name of the Vulnerable Software and Affected Versions Jenkins versions prior to 2.567 Jenkins LTS versions prior to 2.555.2 Description Missing permission checks allow attackers with Overall/Read permission to determine the configured timezone of other users and enumerate view names within other...

4.3CVSS5.2AI score0.00234EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.14 views

Jenkins 安全漏洞

Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.567 and earlier, as well as LTS 2.555.2 and earlier, have security vulnerabilitie...

4.3CVSS5.3AI score0.00234EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the dmblkreportzones function to test the suspended state of devices without holding a...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References1
nessus
nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.10.1 : dhcp (EulerOS-SA-2026-2017)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into...

8.6CVSS5.6AI score0.15465EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41234

Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...

7.6CVSS5.5AI score0.0027EPSS
Exploits0References1
nvd
nvd
added 2026/06/04 7:16 p.m.14 views

CVE-2026-41234

Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...

7.6CVSS0.0027EPSS
Exploits0References3
Rows per page
Query Builder