Lucene search
+L

968 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/13 9:49 p.m.3 views

Security Bulletin: vulerability in IBM Spectrum Symphony with spring framework

Summary vulerability in IBM Spectrum Symphony with spring framework Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could...

5.3CVSS5.8AI score0.05666EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/10 8:19 p.m.2 views

gnutls: gnutls: Remote Denial of Service via crafted ClientHello with invalid PSK binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS6AI score0.01382EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 6:31 p.m.3 views

EUVD-2026-20986

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS5.9AI score0.01382EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 6:16 p.m.3 views

ALPINE-CVE-2026-1584

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS5.8AI score0.01382EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 6:16 p.m.5 views

CVE-2026-1584

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS0.01382EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 6:0 p.m.26 views

CVE-2026-1584 Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS0.01382EPSS
Exploits0References3
CVE
CVE
added 2026/04/09 6:0 p.m.31 views

CVE-2026-1584

The CVE-2026-1584 entry concerns gnutls. A remote, unauthenticated attacker can trigger a NULL pointer dereference during TLS via a crafted ClientHello that has an invalid PSK binder, causing a server crash and remote DoS. Connected documents confirm this vulnerability across multiple sources (NV...

7.5CVSS5.9AI score0.01382EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/03/30 12:0 a.m.3 views

The vulnerability of the binder_update_page_range() function in the drivers/android/binder_alloc.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the binderupdatepagerange function in the drivers/android/binderalloc.c module of the Linux operating system’s kernel is related to the use of memory after deallocation. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity,...

8CVSS5.8AI score0.00168EPSS
Exploits0References12Affected Software3
SUSE CVE
SUSE CVE
added 2026/03/29 11:23 p.m.7 views

SUSE CVE-2026-23400

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/29 4:55 p.m.4 views

CVE-2026-23400

A flaw was found in the Linux kernel's rustbinder component. A local user could potentially trigger a deadlock condition. This occurs when the setnotificationdone function is called while the proc lock is already held and the current thread is not a 'looper' a thread designed to handle specific...

5.8AI score0.0009EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/29 3:30 p.m.5 views

EUVD-2026-16993

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.8AI score0.0009EPSS
Exploits0References4
NVD
NVD
added 2026/03/29 1:16 p.m.5 views

CVE-2026-23400

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.5CVSS0.0009EPSS
Exploits0References3
OSV
OSV
added 2026/03/29 1:16 p.m.6 views

UBUNTU-CVE-2026-23400

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/29 12:55 p.m.29 views

CVE-2026-23400 rust_binder: call set_notification_done() without proc lock

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

0.0009EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/29 12:55 p.m.2 views

CVE-2026-23400

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.8AI score0.0009EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/03/29 12:55 p.m.5 views

CVE-2026-23400

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.5CVSS5.4AI score0.0009EPSS
Exploits0
CVE
CVE
added 2026/03/29 12:55 p.m.32 views

CVE-2026-23400

Summary of CVE-2026-23400 : In the Linux kernel, the rust_binder component is affected by a deadlock risk when processing death notifications. The root cause is calling set_notification_done() while the process lock (proc lock) is still held and the current thread is not a looper, which can cause...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/29 12:55 p.m.4 views

CVE-2026-23400 rust_binder: call set_notification_done() without proc lock

In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/29 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from rustbinder calling setnotificationdone when holding the proc lock, potentially leading to a...

5.5CVSS5.8AI score0.0009EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of...

5.5CVSS5.3AI score0.0009EPSS
Exploits0References2
Rows per page
Query Builder