|
2211
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
rtmutex: Use waiter::task instead of current in remove_waiter()
remove_waiter() is used by the slowlock paths, but it is also use…
|
-
|
CVE-2026-43499
|
2026-05-23 01:33 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2212
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
ipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header…
|
-
|
CVE-2026-43501
|
2026-05-23 01:33 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2213
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net/rds: handle zerocopy send cleanup before the message is queued
A zerocopy send can fail after user pages have been pinned but…
|
-
|
CVE-2026-43502
|
2026-05-23 01:33 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2214
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay).
This issue affects Avantra: before 25.3.1.
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-8670
|
2026-05-23 01:32 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2215
|
7.5 |
HIGH
Adjacent
|
-
|
-
|
Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure.
This issue affects Avantra: before 25.3.0.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-8671
|
2026-05-23 01:32 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2216
|
5.1 |
MEDIUM
Local
|
-
|
-
|
Use of default password vulnerability in syslink software AG Avantra on Linux, Windows allows Try Common or Default Usernames and Passwords.
This issue affects Avantra: before 25.3.0.
|
CWE-1393
Use of Default Password
|
CVE-2026-8672
|
2026-05-23 01:32 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2217
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks.
This issue affects Avantra: before 25.3.0.
|
CWE-523
Unprotected Transport of Credentials
|
CVE-2026-8673
|
2026-05-23 01:32 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2218
|
7.5 |
HIGH
Network
|
-
|
-
|
Directory traversal in Follett Software's Destiny Library Manager 22_0_2_rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter
|
CWE-22
Path Traversal
|
CVE-2025-45145
|
2026-05-23 01:32 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2219
|
- |
|
-
|
-
|
Simple Hierarchical Select (SHS) for Drupal 7 contains cross-site scripting risk due to improper output escaping of term-derived text. Confirmed affected paths include field formatter output (shs_fie…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4929
|
2026-05-23 01:17 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2220
|
- |
|
-
|
-
|
In the Drupal 7 Term Reference Tree module, two stored XSS vectors exist in the widget/formatter rendering pipeline.
Vector A (token display templates): When the Token module is enabled and token di…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4093
|
2026-05-23 01:17 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
