CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A use-after-free vulnerability exists in the Linux kernel’s net/sched:clsu32 component, which can be exploited to achieve local privilege escalation. When the u32change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This...

7.8CVSS6.7AI score0.00296EPSS

7.8CVSS6.7AI score0.00413EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15

A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. When nftablesdelrule is flushing table rules, it does not check whether the chain is bound, and the owner rule of the chain may also release objects under...

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if extcaps is valid in BL setup. LVDS connectors do not have extended backlight caps; therefore, check whether the pointer is valid before accessing it. Selected from commit...

5.5CVSS5.3AI score0.00107EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в libxml2

Possible cross-site scripting vulnerability in libxml after commit 960f0e2...

6.1CVSS6.4AI score0.00749EPSS

7.8CVSS6.4AI score0.00256EPSS

Astra Linux - уязвимость в linux-5.10

iouring uses workFlags to determine which identities need to be retrieved from the calling process, ensuring that they are consistent with the calling process when executing IORINGOP. Some operations lack certain types, which can lead to incorrect reference counts, potentially causing a...

7.8CVSS6.6AI score0.00274EPSS

Astra Linux - уязвимость в linux, linux-5.10

There is a use-after-free in iouring in the Linux kernel. The signalfdpoll and binderpoll functions use a waitqueue whose lifetime is the current task. The waitqueue will send a POLLFREE notification to all waiters before it is freed. Unfortunately, the iouring poll does not handle POLFREE. This...

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/idle: Marking archcpuidle as having no instructions The linux-next commit “cpuidle: tracing: Warning about !rcuiswatching” adds a new warning that affects the archcpuidle function on the s390 architecture. WARNING: “CPU: 2...

5.2AI score0.00186EPSS

Exploits0References1

5.5CVSS5.5AI score0.00137EPSS

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Properly handle cases where an enclosure contains only one primary component. This fix reverts to commit 3fe97ff3d949 “scsi: ses: Do not attach if the enclosure has no components”. It also introduces proper handling fo...

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability exists in the Linux kernel’s net/sched: schhfsc HFSC qdisc traffic control component. This vulnerability can be exploited to achieve local privilege escalation. If a class with a link-sharing curve i.e., with the HFSCFSC flag set has a parent without a link-sharing...

7.8CVSS6.7AI score0.00287EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в tiff

In the libtiff 4.3.0 version of tiffcp, an accessible assertion allows attackers to cause a denial-of-service attack through a crafted tiff file. For users who compile libtiff from source code, this fix is available in the commit 5e180045...

6.5CVSS6.7AI score0.01478EPSS

5.5CVSS6.7AI score0.0125EPSS

Astra Linux - уязвимость в tiff

A null source pointer passed as an argument to the memcopy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, a fix is available in the commit...

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в tiff

A null source pointer passed as an argument to the memcopy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, this fix is available in the...

5.5CVSS6.4AI score0.0125EPSS

5.5CVSS6.7AI score0.0133EPSS

Astra Linux - уязвимость в tiff

A out-of-bounds read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service attack through a crafted tiff file. For users who compile libtiff from source code, the fix is available in the commit 408976c4...

6.8CVSS6.8AI score0.00435EPSS

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3609 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.8AI score0.00435EPSS

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3502 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в tiff

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3724 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

6.8CVSS6.8AI score0.00435EPSS