Lucene search
K

3254 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-53354

A flaw was found in the Linux kernel, affecting systems running on certain Arm processors. This vulnerability involves an issue with how the system handles Translation Lookaside Buffer Invalidation TLBI operations. Specifically, a sequence of operations intended to invalidate memory translations...

7CVSS5.8AI score0.00182EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago4 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40988

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...

9.1CVSS6.2AI score0.00463EPSS
Exploits0References9
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-40326

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 4 days ago4 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago8 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago4 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago4 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ublk: reset per-IO canceled flag on each fetch If a ublk server starts recovering devices but dies before issuing fetch commands for all IOs, cancellation of th...

5.8AI score0.00145EPSS
Exploits0References3
EUVD
EUVD
added last week6 views

EUVD-2026-39857

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled via vfiopcicoredisable. This ensures that all access via DMABUFs is...

5.8AI score0.00174EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-53249

A flaw was found in the Linux kernel's IPv4 networking component. This vulnerability allows an unprivileged application to set specific IP options, namely Loose Source and Record Route LSRR and Strict Source and Record Route SSRR. By exploiting this, an attacker can force network packets to...

7CVSS5.8AI score0.00184EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.6 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53249

In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...

0.00184EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53249

In the Linux kernel, CVE-2026-53249 affects the IPv4 handling of LSRR and SSRR options. The implemented patch restricts setting IPOPT_SSRR and IPOPT_LSRR to users with CAP_NET_RAW, preventing unprivileged applications from steering traffic through attacker-controlled nodes to leak TCP ISN and pot...

5.7AI score0.00184EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 7:40 a.m.9 views

BIT-PYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00229EPSS
Exploits1References7
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38839

In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...

5.7AI score0.00133EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: flexproportions: making fpropnewperiod safe from hardirq issues. Bernd reported a deadlock issue in the flexible proportions code, which essentially complained about the following race conditions: runtimersoftirq – we’re in a...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it. WHAT hws was checked for being null earlier in dce110blankstream, indicating that hws can be null. This check should be performed whenever hws is used. Cherry-picked from...

7.8CVSS6AI score0.00196EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: The SQE128 flag is validated before accessing the cmd field. The ublkctrlcmddump function accesses the sqe-cmd field before checking the IOURINGFSQE128 flag. This could lead to out-of-boundary memory access. The flag...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References2
Rows per page
Query Builder