VYPR

CVEs

345,046 total · page 36 of 6,901

  • CVE-2026-12488Jun 24, 2026
    risk 0.00cvss epss 0.00

    A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2.  A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.

  • CVE-2026-3652Jun 24, 2026
    risk 0.00cvss epss 0.00

    The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value` parameter of the `arf_save_incomplete_form_data` AJAX action in all versions up to, and including, 7.1.3 due to insufficient input sanitization and output escaping. This makes it…

  • CVE-2026-11614Jun 24, 2026
    risk 0.00cvss epss 0.00

    The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_attributes' parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible…

  • CVE-2026-12681Jun 24, 2026
    risk 0.00cvss epss 0.00

    Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does not advance the buffer past vendor bytes before reading entries. For hashSHA256SigGUID lists, this allows attacker-controlled vendor header…

  • CVE-2026-54639Jun 24, 2026
    risk 0.00cvss epss 0.00

    Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `convertTokenData(tokens, { output: 'object' });`; indirect usage, via using…

  • CVE-2025-60466Jun 24, 2026
    risk 0.00cvss epss 0.00

    A use-after-free in the gf_filter_pid_get_packet function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.

  • CVE-2025-60467Jun 24, 2026
    risk 0.00cvss epss 0.01

    A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.

  • CVE-2025-60468Jun 24, 2026
    risk 0.00cvss epss 0.00

    GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service (local). The component is: filter_core/filter_pid.c (L:574-580): function gf_filter_pid_inst_swap_delete_task()…

  • CVE-2025-60471Jun 24, 2026
    risk 0.00cvss epss 0.00

    A use-after-free in the gf_filter_pid_reconfigure_task_discard function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted media file.

  • CVE-2025-60473Jun 24, 2026
    risk 0.00cvss epss 0.00

    A NULL pointer dereference in the gf_filter_in_parent_chain function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted file.

  • CVE-2025-60474Jun 24, 2026
    risk 0.00cvss epss 0.01

    A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input.

  • CVE-2026-13201modJun 24, 2026
    risk 0.34cvss 5.2epss 0.00

    kubevirt: virt-handler-rhel9: kubevirt: safepath OpenAtNoFollow symlink following via /proc/self/fd allows host file metadata modification

  • CVE-2026-13208modJun 24, 2026
    risk 0.42cvss 6.5epss 0.00

    kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts VMI identity from unauthenticated gRPC request body

  • CVE-2026-49269Jun 24, 2026
    risk 0.00cvss epss 0.00

    Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app…

  • CVE-2026-52912modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: netfilter: nf_queue: hold bridge skb->dev while queued

  • CVE-2026-52913Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: v: stop OGMv2 on disabled interface

  • CVE-2026-52914Jun 24, 2026
    risk 0.00cvss epss 0.01

    kernel: batman-adv: fix fragment reassembly length accounting

  • CVE-2026-52915modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ip6t_hbh: reject oversized option lists

  • CVE-2026-52916Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: frag: disallow unicast fragment in fragment

  • CVE-2026-52917modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: sctp: diag: reject stale associations in dump_one path

  • CVE-2026-52918modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: Bluetooth: serialize accept_q access

  • CVE-2026-52919Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: fix tp_meter counter underflow during shutdown

  • CVE-2026-52920modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: netfilter: xt_policy: fix strict mode inbound policy matching

  • CVE-2026-52921lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ipset: stop hash:* range iteration at end

  • CVE-2026-52922Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: dat: handle forward allocation error

  • CVE-2026-52923impJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: ipc: limit next_id allocation to the valid ID range

  • CVE-2026-52924impJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: sctp: purge outqueue on stale COOKIE-ECHO handling

  • CVE-2026-52925modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: vrf: Fix a potential NPD when removing a port from a VRF

  • CVE-2026-52926Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: clear current gateway during teardown

  • CVE-2026-52927modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ebtables: fix OOB read in compat_mtw_from_user

  • CVE-2026-52928lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: af_unix: Reject SIOCATMARK on non-stream sockets

  • CVE-2026-52929modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: sctp: stream: fully roll back denied add-stream state

  • CVE-2026-52930modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: ipc/shm: serialize orphan cleanup with shm_nattch updates

  • CVE-2026-52931Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: tp_meter: avoid use of uninit sender vars

  • CVE-2026-52932Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: xfrm: ipcomp: Free destination pages on acomp errors

  • CVE-2026-52933modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: io_uring/poll: fix signed comparison in io_poll_get_ownership()

  • CVE-2026-52934Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: batman-adv: tvlv: reject oversized TVLV packets

  • CVE-2026-52935modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: xfrm: espintcp: do not reuse an in-progress partial send

  • CVE-2026-52936lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: crypto: jitterentropy - replace long-held spinlock with mutex

  • CVE-2026-52937modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR

  • CVE-2026-52938Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths

  • CVE-2026-52939modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion

  • CVE-2026-52940modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: tun: zero the whole vnet header in tun_put_user()

  • CVE-2026-52941lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint

  • CVE-2026-52942modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: netfilter: nf_log: validate MAC header was set before dumping it

  • CVE-2026-52943impJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: net: skbuff: fix missing zerocopy reference in pskb_carve helpers

  • CVE-2026-52944Jun 24, 2026
    risk 0.00cvss epss 0.00

    kernel: ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE

  • CVE-2026-53091impJun 24, 2026
    risk 0.38cvss 7.0epss 0.00

    kernel: net: pull headers in qdisc_pkt_len_segs_init()

  • CVE-2026-53100lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: wifi: mt76: fix deadlock in remain-on-channel

  • CVE-2026-53125lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: md: fix array_state=clear sysfs deadlock