Lucene search
K

823 matches found

Hewlett-Packard
Hewlett-Packard
added 2026/05/20 12:0 a.m.11 views

NVIDIA Nano SSH Key Duplication

A potential security vulnerability has been identified in some HP ZGX Nano G1n AI Station products where identical SSH host keys were deployed during the manufacturing process prior to March 19th, 2026. Successful exploitation might lead to unauthorized code execution, privilege escalation, denia...

8.1CVSS5.8AI score0.00586EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/06 10:50 p.m.10 views

CVE-2026-43236

A flaw was found in the Linux kernel's drm/atmel-hlcdc component. An issue in the atmelhlcdcplaneatomicduplicatestate callback, which incorrectly duplicates the drmplanestate, can lead to a use-after-free vulnerability. This can be triggered when a device node is closed and re-opened while anothe...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.6 views

CVE-2026-43236

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix use-after-free of drmcrtccommit after release The atmelhlcdcplaneatomicduplicatestate callback was copying the atmelhlcdcplane state structure without properly duplicating the drmplanestate. In particular,...

7.8CVSS0.00135EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.6 views

CVE-2025-71273

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devmkmemdup in rtwsetsupportedband Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtwregisterhw. The supported bands were not freed in the error path. Copied from...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-43236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/atmel-hlcdc: fix use-after-free of drmcrtccommit after release The atmelhlcdcplaneatomicduplicatestate callback was copying the atmelhlcdcplane state...

7.8CVSS6.9AI score0.00135EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37576

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the drm/atmel-hlcdc component. The atmel hlcdc plane atomic duplicate state callback copies the atmel hlcdc plane state structure...

8.5CVSS5.4AI score0.00135EPSS
Exploits0
Snyk
Snyk
added 2026/05/05 9:11 p.m.18 views

Improper Enforcement of Behavioral Workflow

Overview ethyca-fides is an Open-source ecosystem for data privacy as code. Affected versions of this package are vulnerable to Improper Enforcement of Behavioral Workflow in the privacy request approval process when both subjectidentityverificationrequired and...

7.4CVSS5.8AI score0.00313EPSS
Exploits0References4
OSV
OSV
added 2026/05/05 6:46 p.m.6 views

GHSA-8M7C-8M39-RV4X awslabs/tough Delegated Roles have a Signature Threshold Bypass

Summary Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept forged delegate...

7CVSS5.8AI score0.00262EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/05 6:46 p.m.6 views

EUVD-2026-25627

awslabs/tough Delegated Roles have a Signature Threshold Bypass...

7CVSS5.8AI score0.00262EPSS
Exploits0References7
OSV
OSV
added 2026/04/29 1:21 p.m.6 views

JLSEC-2026-312

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MMxstrdup in H5MM.c called from H5Genttolink in H5Glink.c...

8.8CVSS8.5AI score0.00814EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/25 1:38 a.m.8 views

SUSE CVE-2026-31594

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/04/24 8:16 p.m.5 views

CVE-2026-6966

Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept forged delegated role...

7CVSS0.00262EPSS
Exploits0References6
CVE
CVE
added 2026/04/24 7:38 p.m.23 views

CVE-2026-6966

The CVE-2026-6966 issue affects awslabs/tough prior to tough-v0.22.0, where improper verification of cryptographic signature uniqueness in delegated role validation can allow remote authenticated users to bypass the TUF signature threshold by duplicating a valid signature, causing the client to a...

7CVSS5.3AI score0.00262EPSS
Exploits0References6Affected Software2
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.10 views

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.2AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.5 views

PT-2026-35079

Name of the Vulnerable Software and Affected Versions awslabs/tough versions prior to 0.22.0 Description Improper verification of cryptographic signature uniqueness in delegated role validation allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a...

7CVSS5.2AI score0.00262EPSS
Exploits0References14
OSV
OSV
added 2026/04/22 6:31 p.m.5 views

GHSA-66FX-FQV6-5WWX Duplicate Advisory: uutils coreutils has a Link Following issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h444-6j9x-p8vh. This link is maintained to preserve external references. Original Description The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.6 views

Duplicate Advisory: uutils coreutils has a Link Following issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h444-6j9x-p8vh. This link is maintained to preserve external references. Original Description The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/22 5:16 p.m.9 views

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 4:8 p.m.6 views

CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.8AI score0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 4:8 p.m.26 views

CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS0.00161EPSS
Exploits0References2
Rows per page
Query Builder