Lucene search
K
AttackerkbRecent

74775 matches found

ATTACKERKB
ATTACKERKB
•added 2026/06/16 4:32 p.m.•3 views

CVE-2026-47934

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/06/16 4:32 p.m.•3 views

CVE-2026-47963

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/06/16 4:32 p.m.•3 views

CVE-2026-47964

DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.4AI score0.00199EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/06/16 4:32 p.m.•3 views

CVE-2026-47927

DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim mus...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/06/16 3:57 p.m.•4 views

CVE-2026-10649

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...

8.6CVSS5.9AI score0.0044EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 3:18 p.m.•4 views

CVE-2026-12003

To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...

5.3CVSS5.8AI score0.00136EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
•added 2026/06/16 3:16 p.m.•3 views

CVE-2024-22451

Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution...

6.7CVSS6.1AI score0.00099EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 2026/06/16 2:52 p.m.•4 views

CVE-2026-12398

A command injection vulnerability was found in galaxyng. The dogitcheckout function in the legacy role import API v1 interpolates unsanitized git ref names branch/tag names into shell commands executed via subprocess.run with shell=True. An authenticated user who controls a git repository can...

7.5CVSS6.4AI score0.00889EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/06/16 1:28 p.m.•2 views

CVE-2026-10640

Zephyr's IPv6 Neighbor Discovery send paths netipv6sendna, netipv6sendns, netipv6sendrs in subsys/net/ip/ipv6nbr.c updated the per-interface ICMP-sent statistics by calling netpktifacepkt after netsenddatapkt had already returned successfully. On the success path the network stack owns and releas...

7.1CVSS5.8AI score0.0037EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:53 a.m.•5 views

CVE-2026-12329

Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:53 a.m.•3 views

CVE-2026-12328

Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8.1CVSS5.9AI score0.00476EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•2 views

CVE-2026-12326

Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

8.1CVSS5.9AI score0.00251EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12317

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

7.5CVSS5.2AI score0.00288EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12314

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.2AI score0.00252EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12312

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.2AI score0.00252EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12310

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.2AI score0.00252EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12309

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

6.5CVSS5.2AI score0.00235EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12308

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.2AI score0.00261EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12307

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.2AI score0.00261EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12306

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.2AI score0.00261EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12305

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.2AI score0.00374EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12301

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.3CVSS5.2AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•7 views

CVE-2026-12300

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.3CVSS5.2AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•4 views

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.8AI score0.00306EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•6 views

CVE-2026-12298

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

7.5CVSS5.2AI score0.00306EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•2 views

CVE-2026-12297

Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•3 views

CVE-2026-12296

Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•3 views

CVE-2026-12295

Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00393EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•2 views

CVE-2026-12294

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

9.6CVSS5.8AI score0.00363EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•4 views

CVE-2026-12293

Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

9.8CVSS5.8AI score0.00302EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•3 views

CVE-2026-12292

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

8.1CVSS5.8AI score0.00398EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•3 views

CVE-2026-12291

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

8.8CVSS5.8AI score0.00382EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 11:52 a.m.•8 views

CVE-2026-12290

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

8.1CVSS5.2AI score0.00397EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/16 6:26 a.m.•5 views

CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

7.8CVSS5.8AI score0.00321EPSS
Exploits11References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/16 12:49 a.m.•2 views

CVE-2026-42014

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.8AI score0.0015EPSS
Exploits0References16
ATTACKERKB
ATTACKERKB
•added 2026/06/16 12:0 a.m.•3 views

CVE-2026-46448

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation...

8.5CVSS5.7AI score0.00272EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 7:15 p.m.•2 views

CVE-2026-52722

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS6AI score0.0031EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/15 7:15 p.m.•3 views

CVE-2026-52720

A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...

8.8CVSS6.6AI score0.0053EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
•added 2026/06/15 7:10 p.m.•2 views

CVE-2026-53704

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS5.9AI score0.00221EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
•added 2026/06/15 7:10 p.m.•2 views

CVE-2026-53703

A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...

7.1CVSS6AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/06/15 7:10 p.m.•3 views

CVE-2026-53705

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS6.4AI score0.0031EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
•added 2026/06/15 5:30 a.m.•2 views

CVE-2026-12223

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

5.5CVSS5.7AI score0.01194EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 5:15 a.m.•2 views

CVE-2026-12222

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 5:0 a.m.•2 views

CVE-2026-12221

A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/startoffset results in stack-based buffer overflow. The attack needs to be...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 4:45 a.m.•3 views

CVE-2026-12220

A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function modupgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the argument uid leads to stack-based buffer overflow. The attack...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 4:30 a.m.•2 views

CVE-2026-12219

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/15 4:15 a.m.•3 views

CVE-2026-12218

A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/12 9:42 a.m.•2 views

CVE-2026-48914

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...

6.7CVSS6AI score0.00121EPSS
Exploits0References5Affected Software7
ATTACKERKB
ATTACKERKB
•added 2026/06/12 12:5 a.m.•2 views

CVE-2026-45170

Idira Vendor PAM - Self-Hosted Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17...

8.8CVSS5.8AI score0.00105EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/11 5:54 p.m.•8 views

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS6.2AI score0.0067EPSS
Exploits0References21
Total number of security vulnerabilities74775