Lucene search
K

2240 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

Intel AI Playground 代码问题漏洞

Intel AI Playground is an online platform operated by Intel Corporation in the United States. Previous versions of Intel AI Playground, including 3.0.0 alpha, had code vulnerabilities that stemmed from uncontrolled search paths, which could lead to privilege escalation...

5.4CVSS5.9AI score0.00089EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.18 views

PT-2026-40031

pam authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer lookup tcp src/peer lookup.c:134, prior to the fix allowed a crafted NETLINK SOCK DIAG reply to slip past the message-size check...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.8 views

@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +23 more potentially affected by CVE-2026-45321 via @tanstack/start-plugin-core (>=1.121.0-alpha.28 <=1.169.20)

@tanstack/start-plugin-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.1.1, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.97.4, =1.111.10, =1.141.0, =0.3.0, =0.7.0 and more Source cves: CVE-2026-45321 Source advisory:...

9.6CVSS7.5AI score0.02342EPSS
Exploits3
Snyk
Snyk
added 2026/05/11 2:48 p.m.9 views

Incorrect Behavior Order: Validate Before Canonicalize

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize in the parsing of Git objects with malformed or ambiguous commit or tag objects. An attacker can cause inconsistent interpretation of object metadata or signature validation by...

7.5CVSS5.8AI score0.00159EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.10 views

SUSE CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/05/07 12:20 a.m.13 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3625 more potentially affected by CVE-2026-42583 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.12.Final)

io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42583 Source advisory: OSV:GHSA-MJ4R-2HFC-F8P6...

7.5CVSS6.7AI score0.00429EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/06 11:34 p.m.10 views

CVE-2026-43258

A flaw was found in the Linux kernel, specifically affecting Alpha systems when memory compaction is enabled. Insufficient Translation Lookaside Buffer TLB shootdown during page migration can lead to sporadic user-space crashes and heap corruption. This vulnerability can result in application...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.23 views

EUVD-2026-27817

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

5.8AI score0.00138EPSS
Exploits0References5
NVD
NVD
added 2026/05/06 12:16 p.m.55 views

CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS0.00138EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 11:28 a.m.25 views

CVE-2026-43258

CVE-2026-43258 concerns the Linux kernel: on Alpha systems, memory compaction can trigger user-space crashes and heap corruption due to insufficient TLB shootdown during page migration. Root cause involves ASN rollover and stale instruction translations surviving migration. The fix introduces a m...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43258

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

5.8AI score0.00138EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.49 views

CVE-2026-43258 alpha: fix user-space corruption during memory compaction

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS0.00138EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37598

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Alpha systems may experience sporadic user-space crashes and heap corruption when memory compaction is enabled. This issue is caused by insufficient TLB Translation Lookaside Buffer...

7.8CVSS5.5AI score0.00138EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is...

7.8CVSS7.1AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient TLB invalidation during memory compression in the Alpha architecture. This...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/05 9:57 p.m.8 views

Memory Allocation with Excessive Size Value

Overview OpenTelemetry.OpAmp.Client is an OpAMP Client for OpenTelemetry .NET Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the PlainHttpTransport response handling in the OpAMP HTTP transport. An attacker can force the client to allocate...

8.2CVSS5.9AI score0.00311EPSS
Exploits0References2
OSV
OSV
added 2026/04/30 3:30 p.m.16 views

GHSA-HM32-HFMW-RHVG Keycloak has a Forced Browsing issue

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.8AI score0.00232EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/30 2:53 p.m.17 views

EUVD-2026-26381

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

5.4CVSS5.3AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/04/30 2:53 p.m.22 views

CVE-2026-7500

CVE-2026-7500 affects Keycloak server when started with --features-disabled=account,account-api. Affected component: Account REST API under /account/v1alpha1. Root cause: five endpoints remain fully functional because they lack the checkAccountApiEnabled() gate that blocks four other endpoints in...

5.4CVSS5.3AI score0.00232EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/28 6:30 a.m.8 views

BigSweetPotatoStudio HyperChat has a Server-Side Request Forgery issue

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request...

7.5CVSS6.8AI score0.00278EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder