Lucene search
K

126 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 5:33 p.m.13 views

CVE-2026-49434

A flaw was found in Apache ActiveMQ. An attacker with privileges to publish or modify entries in Lightweight Directory Access Protocol LDAP can exploit an improper input validation vulnerability. This allows the attacker to instantiate denied transports within the broker's Java Virtual Machine JV...

7.6CVSS5.6AI score0.00659EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 9:55 a.m.8 views

EUVD-2026-40285

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used...

7.5CVSS5.7AI score0.00659EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 11:39 a.m.3 views

SUSE-SU-2026:22475-1 Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-45.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References12
OSV
OSV
added 2026/06/25 11:39 a.m.2 views

SUSE-SU-2026:22476-1 Security update for the Linux Kernel (Live Patch 23 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-46.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6AI score0.0049EPSS
Exploits8References12
OSV
OSV
added 2026/06/25 11:19 a.m.2 views

SUSE-SU-2026:22385-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References16
OSV
OSV
added 2026/06/24 9:59 a.m.3 views

SUSE-SU-2026:22403-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/24 9:59 a.m.3 views

SUSE-SU-2026:22409-1 Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/24 9:46 a.m.4 views

SUSE-SU-2026:22416-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/24 9:46 a.m.3 views

SUSE-SU-2026:22418-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/24 9:39 a.m.2 views

SUSE-SU-2026:22464-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/23 1:16 a.m.3 views

UBUNTU-CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

5.5CVSS6.1AI score0.00205EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 11:48 p.m.7 views

CVE-2026-10645

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

4.9CVSS6.1AI score0.00205EPSS
Exploits1References2
CVE
CVE
added 2026/06/22 11:48 p.m.20 views

CVE-2026-10645

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-10645; no additional specifics on affected products or fixes are provided here.

5.5CVSS6.1AI score0.00205EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 11:48 p.m.40 views

CVE-2026-10645 fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal

Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In ext2fetchdirentry subsys/fs/ext2/ext2diskops.c, the code only checks denamelen = EXT2MAXFILENAME and then copies the name with memcpy...

4.9CVSS0.00205EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 7:4 a.m.15 views

Malicious code in node-multi-downloader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fc720cd970f4d19212ca90945b7fc1e4e1c64da98235ff595b3792ae69e3e68 On npm install, this package's postinstall hook node index.js hex-encodes the installer's current working directory, the first 15 entries of that...

5.3AI score
Exploits0References1
Amazon
Amazon
added 2026/06/08 12:0 a.m.16 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update CVE-2026-23171 In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refaul...

8.8CVSS5.5AI score0.00307EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.46 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1816)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1816 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update CVE-2026-23171 In the Linux kernel, the following...

8.8CVSS6AI score0.00307EPSS
Exploits1References44
OSV
OSV
added 2026/06/05 5:16 p.m.4 views

ALPINE-CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

7.1CVSS5.2AI score0.00225EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.17 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 9:16 p.m.17 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS0.0035EPSS
Exploits0References4
Rows per page
Query Builder