Aggregator

CVE-2014-2540 | OrbitScripts Orbit Open Ad Server prior 1.1.0 site_directory_sort_field sql injection (EDB-32792 / BID-66667)

Vuldb Updates
5 days 2 hours ago
A vulnerability classified as critical has been found in OrbitScripts Orbit Open Ad Server. Affected is an unknown function. The manipulation of the argument site_directory_sort_field leads to sql injection. This vulnerability is traded as CVE-2014-2540. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2012-6131 | Roundup up to 1.4.19 @action cross site scripting (Nessus ID 85586 / XFDB-84190)

Vuldb Updates
5 days 2 hours ago
A vulnerability, which was classified as problematic, has been found in Roundup. Affected by this issue is some unknown functionality. This manipulation of the argument @action causes cross site scripting. This vulnerability is handled as CVE-2012-6131. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

Pear

Dark Feed IO
5 days 2 hours ago

You must login to view this content

cohenido

CVE-2026-31508 | Linux Kernel up to 6.19.10 netdev_destroy privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.19.10. The affected element is the function netdev_destroy. Executing a manipulation can lead to privilege escalation. This vulnerability is registered as CVE-2026-31508. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31504 | Linux Kernel up to 6.19.10 packet_release arr[] use after free (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability was found in Linux Kernel up to 6.19.10. It has been classified as critical. The impacted element is the function packet_release. The manipulation of the argument arr[] leads to use after free. This vulnerability is uniquely identified as CVE-2026-31504. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-31496 | Linux Kernel up to 6.19.10 netfilter nf_conntrack_expect privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability has been found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10 and classified as critical. The impacted element is the function nf_conntrack_expect of the component netfilter. Performing a manipulation results in privilege escalation. This vulnerability was named CVE-2026-31496. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2026-31495 | Linux Kernel up to 6.19.10 netfilter privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.19.10. This impacts an unknown function of the component netfilter. Such manipulation leads to privilege escalation. This vulnerability is listed as CVE-2026-31495. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2026-31503 | Linux Kernel up to 6.19.10 udp_lib_lport_inuse privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. Impacted is the function udp_lib_lport_inuse. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-31503. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-31473 | Linux Kernel up to 6.19.10 media media_request_ioctl_reinit use after free (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.19.10. This impacts the function media_request_ioctl_reinit of the component media. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2026-31473. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-31480 | Linux Kernel up to 6.19.10 tracing cpus_write_lock deadlock (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.19.10. Affected by this vulnerability is the function cpus_write_lock of the component tracing. The manipulation leads to deadlock. This vulnerability is traded as CVE-2026-31480. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31492 | Linux Kernel up to 6.19.10 free_qp initialization (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. The impacted element is the function free_qp. The manipulation results in improper initialization. This vulnerability is identified as CVE-2026-31492. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31469 | Linux Kernel up to 6.19.10 virtio_net lib/percpu_counter.c free_old_xmit use after free (Nessus ID 313522)

Vuldb Updates
5 days 2 hours ago
A vulnerability was found in Linux Kernel up to 6.19.10 and classified as critical. This affects the function free_old_xmit in the library lib/percpu_counter.c of the component virtio_net. The manipulation results in use after free. This vulnerability is identified as CVE-2026-31469. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-33634 | aquasecurity setup-trivy/trivy-action/trivy up to 0.2.5 malicious code (GHSA-69fq-xp46-6x23)

Vuldb Updates
5 days 3 hours ago
A vulnerability marked as critical has been reported in aquasecurity setup-trivy, trivy-action and trivy up to 0.2.5. Impacted is an unknown function. The manipulation leads to embedded malicious code. This vulnerability is listed as CVE-2026-33634. The attack may be initiated remotely. In addition, an exploit is available. It is suggested to upgrade the affected component.
vuldb.com

Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs
5 days 3 hours ago
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence Braintrust security incident […]
Pierluigi Paganini

Lynx

Dark Feed IO
5 days 3 hours ago

You must login to view this content

cohenido

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams

Help Net Security
5 days 3 hours ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in 2026 relies on mobile apps used alongside personal tools like banking and messaging. Ten widely used workplace apps, including Gmail, Microsoft Teams, Zoom, Slack, and Notion, have over 12.5 billion Google Play downloads. Research from Incogni shows these apps collect an average of 19 data points … More →

The post Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams appeared first on Help Net Security.

Help Net Security

Managed ad