Lucene search
K

418230 matches found

EUVD
EUVD
added 2026/06/25 12:58 p.m.5 views

EUVD-2026-39356

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:58 p.m.6 views

EUVD-2026-39352

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS5.8AI score0.00119EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:24 p.m.8 views

EUVD-2026-39351

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39350

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

5.3CVSS6.1AI score0.00413EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39349

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS5.9AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39348

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39347

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:22 p.m.5 views

EUVD-2026-39346

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 11:57 a.m.4 views

EUVD-2026-39345

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39331

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

6.4CVSS5.8AI score0.00349EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39340

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs Why & How dpsdpmessagedebugfswrite dereferences connector-base.state-crtc without checking for NULL. A connector can be connected but not bound to any CRTC e.g...

5.9AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39337

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

5.7AI score0.0014EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39343

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops Why & How All record-chain walk loops in biosparser.c and biosparser2.c use for;; and only terminate on a 0xFF recordtype sentinel or zero recordsize. A malformed VBIOS image...

5.7AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39333

A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

5.5CVSS5.8AI score0.00324EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39332

Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

10CVSS5.9AI score0.00395EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39336

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...

5.7AI score0.00431EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39344

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with a zero count in any of the three dimensions is invalid. First, the...

6AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39342

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00212EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39338

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

5.7AI score0.00129EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39339

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

5.8AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39341

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size Why & How The VBIOS integrated info tables v111 and v21 contain HdmiRegNum and Hdmi6GRegNum fields that are used as loop bounds when copying retimer I2C...

5.7AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 9:31 a.m.7 views

EUVD-2026-39189

The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection via the 'postid' parameter in all versions up to, and including, 2.22.7 due to insufficient escaping on the user supplied parameter and lack of sufficie...

7.5CVSS6AI score0.00304EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 9:31 a.m.4 views

EUVD-2026-39188

The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination to be updated, allowing unauthenticated attackers to silently redirect the shipping destination of any pending or...

7.5CVSS5.9AI score0.00208EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39187

The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks...

8.8CVSS5.8AI score0.00301EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.8 views

EUVD-2026-39186

The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently delete any user's course-progress records...

6.5CVSS5.8AI score0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39335

Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

9.4CVSS5.8AI score0.00293EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39334

Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...

2.4CVSS5.8AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39190

Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory...

6.8CVSS5.8AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39183

NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39184

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

7.2CVSS5.9AI score0.00265EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.6 views

EUVD-2026-39182

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39185

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:45 a.m.15 views

EUVD-2026-39230

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

9.8CVSS5.9AI score0.24163EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/25 8:44 a.m.8 views

EUVD-2026-39229

"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed. This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and 3.0.0-alpha-1, only whe...

2CVSS5.9AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:40 a.m.8 views

EUVD-2026-39228

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

5.7AI score0.00111EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39226

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group address is retrieved when initially parsing the packet. This pointer is later dereferenced without being...

5.8AI score0.00252EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39227

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

5.7AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39225

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...

5.9AI score0.00181EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39224

In the Linux kernel, the following vulnerability has been resolved: tee: optee: prevent use-after-free when the client exits before the supplicant Commit 70b0d6b0a199 "tee: optee: Fix supplicant wait loop" made the client wait as killable so it can be interrupted during shutdown or after a...

5.8AI score0.00126EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39223

In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...

5.7AI score0.00164EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39222

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.7AI score0.00164EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39221

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

5.8AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39220

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.7AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.34 views

EUVD-2026-39219

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrackirc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given...

5.7AI score0.00364EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39217

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

5.7AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39218

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

5.8AI score0.00128EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39216

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

5.8AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39215

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

5.8AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39214

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses &data1 as destination and &ipaddr-s6addr11 as source, but both should be offset by one: &data2 and...

5.7AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39213

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

5.8AI score0.00125EPSS
Exploits0References4
Total number of security vulnerabilities418230