Lucene search
K

950 matches found

Snyk
Snyk
added 2026/05/22 1:11 p.m.11 views

Unsynchronized Access to Shared Data in a Multithreaded Context

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.6CVSS5.8AI score0.00077EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 1:11 p.m.13 views

Unsynchronized Access to Shared Data in a Multithreaded Context

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.6CVSS5.8AI score0.00077EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 1:11 p.m.13 views

Unsynchronized Access to Shared Data in a Multithreaded Context

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.6CVSS5.8AI score0.00077EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 1:11 p.m.9 views

Unsynchronized Access to Shared Data in a Multithreaded Context

Overview Affected versions of this package are vulnerable to Unsynchronized Access to Shared Data in a Multithreaded Context via a race condition in the distribute-cache process. An attacker can gain unauthorized access to file descriptors by connecting to the affected service during the race...

5.6CVSS5.8AI score0.00077EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 10:16 a.m.15 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS0.00172EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:20 a.m.9 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 9:20 a.m.92 views

CVE-2026-39461

The CVE-2026-39461 issue affects libcasper(3), which communicates with helper processes over UNIX domain sockets and uses select(2) to wait for data. The problem is that it does not verify that its socket descriptor fits within FD_SETSIZE (1024), potentially allowing an application that opens man...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.37 views

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000160874)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160874 advisory. When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP...

8.7CVSS5.8AI score0.003EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fsverity: The FSIOCENABLEVERITY function is rejected when called on a file descriptor in mode 3. Commit 56124d6c87fd “fsverity: support enabling with tree block size fmode & FMODEREAD condition in kernelread became reachable...

5.5CVSS6.4AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libtirpc

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that used libtirpc, as idle TCP connections were handled improperly. This could lead to an svcrun infinite loop without accepting new connections...

7.5CVSS7.5AI score0.02088EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...

6.5CVSS6.5AI score0.0131EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Motorola Factory Test 安全漏洞

Motorola Factory Test is a mobile device hardware testing and production testing tool developed by the American company Motorola. Motorola Factory Test contains a security vulnerability. This vulnerability stems from the use of references to writable file descriptors in applications, which may...

8.4CVSS5.8AI score0.00162EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 4:16 p.m.6 views

CVE-2026-39455

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.9 views

CVE-2026-39455 BIG-IP Configuration utility vulnerability

When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS5.8AI score0.003EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2026/05/13 12:25 p.m.12 views

K000160874: BIG-IP Configuration utility vulnerability CVE-2026-39455

Security Advisory Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. CVE-2026-39455 Impact The Configuration utility stops...

8.7CVSS5.7AI score0.003EPSS
Exploits0Affected Software11
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.8 views

PT-2026-40640

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication,...

8.7CVSS5.8AI score0.003EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the use ...

8.7CVSS5.8AI score0.003EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 8:1 a.m.3 views

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

7.8CVSS5.3AI score0.00151EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/30 8:1 a.m.5 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

5.3AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/30 8:1 a.m.37 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

0.00151EPSS
Exploits0References1
Rows per page
Query Builder