Lucene search
K

2459 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.9 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39827)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39827 advisory. - An authenticated SSH client that repeatedly opened channels which were rejected by the server...

6.5CVSS5.6AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.33 views

CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

0.00143EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.31 views

CVE-2026-46184 sound: ua101: fix division by zero at probe

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

0.00128EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.12 views

SUSE CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-45978

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 12:18 p.m.26 views

CVE-2026-45978

The CVE-2026-45978 issue affects the Linux kernel (staging: greybus: lights). The underlying problem is in gb_lights_light_config(): it stores channel_count before allocating the channels array; if kcalloc() fails, the cleanup path may dereference a NULL light->channels. The fix is to allocate...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.41 views

CVE-2026-45978 staging: greybus: lights: avoid NULL deref

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: lights: avoid NULL deref gblightslightconfig stores channelcount before allocating the channels array. If kcalloc fails, gblightsrelease iterates the non-zero count and dereferences light-channels, which is NULL...

0.00123EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43845

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the greybus lights staging component. The function gb lights light config stores the channel count before the channels array is allocated. If the...

5.5CVSS5.5AI score0.00123EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/26 1:7 p.m.14 views

Fake software on GitHub and SourceForge distribute Deno RAT

During our threat hunting activities, we found fake installers and plugins impersonating popular software including ChatGPT, Claude, AutoTune, and Kontakt on GitHub and SourceForge distributing a Deno backdoor known as DinDoor. Attackers are using compromised YouTube channels to distribute links ...

6AI score
Exploits0
Circl
Circl
added 2026/05/25 2:0 a.m.11 views

CVE-2026-36239

creationtimestamp| type| source ---|---|--- 2026-05-25 02:00:04+00:00| seen| https://t.me/GithubRedTeam/85759 2026-05-25 03:00:10+00:00| seen| Telegram/PWXxTbzLBS2I2NTEEZXYxWglH9J71PY-BvJO95sfjgRqY3E 2026-05-25 09:00:04+00:00| seen| Telegram/hq1WnakkbxJpSdatpwq9NAKRiUtHFa8ysgfQqaCqIO8mwqo...

4.3CVSS5.9AI score0.00251EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-39827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/23 1:29 a.m.30 views

SUSE CVE-2026-39827

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References24
Snyk
Snyk
added 2026/05/22 1:44 p.m.12 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the API response process. An attacker can access sensitive information about team member roles by invoking various team API endpoints without having elevated permissions. Remediation Upgrade...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 1:44 p.m.10 views

Incorrect Authorization

Overview github.com/mattermost/mattermost/server/v8/channels/api4 is a platform for secure collaboration across the entire software development lifecycle Affected versions of this package are vulnerable to Incorrect Authorization via the API response process. An attacker can access sensitive...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References2
NVD
NVD
added 2026/05/22 4:16 a.m.15 views

CVE-2026-39827

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

6.5CVSS0.00196EPSS
Exploits0References4
OSV
OSV
added 2026/05/22 4:16 a.m.3 views

UBUNTU-CVE-2026-39827

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:31 a.m.10 views

CVE-2026-39827

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

5.8AI score0.00196EPSS
Exploits0References5
CVE
CVE
added 2026/05/22 2:31 a.m.80 views

CVE-2026-39827

The CVE-2026-39827 issue (an authenticated SSH client repeatedly opening channels that are rejected by the server) caused unbounded memory growth and server process crashes. All affected SUSE/openSUSE advisories indicate the fix is included in rclone-1.74.2-1.1 for GA media on openSUSE Tumbleweed...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.59 views

CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

0.00196EPSS
Exploits0References4
Rows per page
Query Builder