|
5131
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish
Lock all vCPUs when synchronizing and encrypting VMSAs for…
|
NVD-CWE-noinfo
|
CVE-2026-31591
|
2026-04-29 05:34 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5132
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock
Take and hold kvm->lock for before checking sev_guest() i…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-31592
|
2026-04-29 05:33 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5133
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulati…
|
CWE-248
Uncaught Exception
|
CVE-2026-7183
|
2026-04-29 05:27 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5134
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipu…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7154
|
2026-04-29 05:24 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5135
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The ma…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7155
|
2026-04-29 05:24 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5136
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argume…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7156
|
2026-04-29 05:24 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5137
|
7.8 |
HIGH
Local
|
dell
|
alienware_command_center
|
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnera…
|
CWE-272
Least Privilege Violation
|
CVE-2026-32655
|
2026-04-29 05:13 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5138
|
7.8 |
HIGH
Local
|
dell
|
alienware_command_center
|
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potenti…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-25908
|
2026-04-29 05:12 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5139
|
- |
|
-
|
-
|
An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed editable and cause script execution when the published page is rendered.
This…
|
CWE-79
Cross-site Scripting
|
CVE-2026-5362
|
2026-04-29 05:11 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5140
|
7.1 |
HIGH
Adjacent
|
-
|
-
|
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-28747
|
2026-04-29 05:11 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
