Lucene search
K

124 matches found

OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-53349

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g. ipnatq931expect. nfcthelperexpectfnunregister only unlinks the callba...

5.8AI score0.00161EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/06/25 2:20 a.m.8 views

SUSE CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:28 p.m.15 views

CVE-2026-52976

The CVE-2026-52976 issue affects the Linux kernel drm/xe driver. Two error-handling paths in xe_exec_queue_create_ioctl() can lead to memory corruption: (1) on xe_hw_engine_group_add_exec_queue() failure, the cleanup jumps to cleanup without xe_exec_queue_kill(), potentially leaving a queue in th...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References7
CVE
CVE
added 2026/06/08 2:30 p.m.41 views

CVE-2026-46274

CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...

7.8CVSS5.4AI score0.00138EPSS
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that initiated the operation. That pointer will be used when the device is completed—which could happen at any time ...

7.8CVSS6.2AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “ice”: fixed the devlink reload call trace. The commit 4da71a77fc3b “ice: read internal temperature sensor” introduced the use of the internal temperature sensor via HWMON. The functions icehwmoninit and icehwmonexit were added t...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/11 2:17 p.m.15 views

SUSE CVE-2026-6722

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

8.1CVSS6.1AI score0.00739EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/05/10 4:19 a.m.18 views

CVE-2026-6722

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.8CVSS6.1AI score0.00739EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.11 views

PHP 资源管理错误漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a resource management vulnerability. This vulnerability stemmed from the object deduplication mechanism in the SOAP extension, which stored pointers to PHP...

9.8CVSS6.1AI score0.00739EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31657

In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadvblaaddclaim can replace claim-backbonegw and drop the old gateway's last reference while readers still follow the pointer. The netlink claim dump path dereferences...

9.8CVSS5.3AI score0.00399EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.8 views

SUSE CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: fix fanout UAF in packetrelease via NETDEVUP race packetrelease has a race window where NETDEVUP can re-register a socket into a fanout group's arr array...

7.8CVSS6.3AI score0.00288EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status !=...

7.8CVSS7.1AI score0.00129EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper conditional checks in the mgmtaddadvpatternsmonitorcomplete function. This leads to the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a NETDEVUP condition that allows for the reuse of freed fanout resources after release. This can...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/26 6:35 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the pngsettRNS and pngsetPLTE functions, where a heap-allocated buffer is aliased between two structures with independent lifetimes. An attacker can cause memory corruption or potentially execute arbitrary code by...

8.1CVSS6.3AI score0.01052EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.7 views

libpng 资源管理错误漏洞

Libpng is an open-source PNG reference library developed by The PNG Development Group, which allows for the creation, reading, and other operations on PNG graphic files. Versions of Libpng prior to 1.6.55 contained a resource management vulnerability. This vulnerability stemmed from aliases and...

7.5CVSS6.3AI score0.01052EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2026/03/13 12:0 a.m.170 views

📄 Microsoft Windows Server 2025 jscript.dll Use-After-Free

The exploit targets a use-After-free vulnerability in the JScript engine component jscript.dll of Internet Explorer 11 on Windows Server 2025. ============================================================================================================================================= | Title :...

7.5CVSS5.8AI score0.21562EPSS
Exploits7
NVD
NVD
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23104

In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b "ice: read internal temperature sensor" introduced internal temperature sensor reading via HWMON. icehwmoninit was added to iceinitfeature and icehwmonexit was added to...

5.5CVSS0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-58002)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-58002 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointer...

7.8CVSS6.7AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder