Lucene search
K

23700 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allows user copy to flash block cache objects With hardened usercopy enabled CONFIGHARDENEDUSERCOPY=y, using the /proc/powerpc/rtas/firmwareupdate interface to prepare a system firmware update results in a BUG:...

7.8CVSS5.4AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: F2FS: fixed potential corruption when moving a directory. F2FS also has the same issue in ext4rename, which causes a crash, as revealed by xfstests/generic/707. See also commit 0813299c586b “ext4: Fix possible corruption when...

5.5AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Synchronize atomic write aborts To address the race condition between atomic write aborts, I use the inode lock and ensure that the COW inode can be reused throughout the entire lifetime of the atomic file inode...

5.2AI score0.00198EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: – Parsing the DT Device Tree for flashes along with the rest of the DT parsing. The recent refactoring of the code responsible for enabling runtime PM was implemented in the commit f1eb4e792bb1 „spi:...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: The issue was fixed by dropping all dirty pages during umount if cperror is set. The xfstest generic/361 report indicates a bug as follows: f2fsbugonsbi, sbi-fsyncnodenum; Kernel bug located at fs/f2fs/super.c:1627! RIP:...

5.7AI score0.0018EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to prevent race conditions during the fsyncentryslab access by multiple f2fs filesystem instances. As reported by syzbot, there is a use-after-free issue during f2fs recovery: A use-after-free occurs when...

5.5CVSS6.1AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed a NULL pointer derefrence in f2fssubmitpagewrite BUG: NULL pointer derefrence in the kernel; address: 0000000000000014 RIP: 0010:f2fssubmitpagewrite+0x6cf/0x780 f2fs Call Trace: ? show regs+0x6e/0x80 ? die+0x29/0x70 ?...

5.5CVSS5.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mtd: maps: pxa2xx-flash: fixed a memory leak in the probe function. Added “free ‘info’” upon remapping errors to avoid memory leaks. : Reworded the commit log...

5.5CVSS5.4AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid potential deadlocks. The function f2fstrylockop was used in f2fswritecompressedpages to prevent potential deadlocks, just as we did in f2fswritesingledatapage...

5.5CVSS5.3AI score0.0017EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...

5.5CVSS5.4AI score0.00128EPSS
Exploits0References2
OSV
OSV
added 2026/06/10 10:13 p.m.6 views

GHSA-9PG3-25FQ-P6CC nebula-mesh: Newly-minted operator API key exposed in redirect URL (Referer, history, proxy logs)

internal/web/operators.go:251 — after handleOperatorCreateAPIKey mints a fresh 32-byte bearer token, the redirect points the operator's browser at: /ui/operators/?newkey=&keyname= The raw API key ends up: - in the browser's URL history - in the Referer header on every cross-origin asset the detai...

5.5CVSS5.5AI score0.00012EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.8 views

CVE-2026-42608

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, there is a Path Traversal vulnerability within the FormFlash core component. By manipulating the sessionid passed as form-flash-id in POST requests, an unauthenticated attacker can traverse the filesystem to create arbitrary directories an...

9.3CVSS5.6AI score0.00521EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from...

4.7CVSS5.9AI score0.00093EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.8 views

mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

...

7.1CVSS5.4AI score0.00131EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.12 views

CVE-2026-46175

A flaw was found in the Linux kernel's f2fs filesystem. During Foreground Garbage Collection FGGC of node blocks, the system fails to properly clear internal metadata marks. This can lead to filesystem inconsistencies, where the fsck utility may misinterpret the state of migrated data. A local us...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46175

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...

7.1CVSS5.7AI score0.00124EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nodecnt competition between the destruction and write-back operations of extent nodes in f2fs...

5.8AI score0.00093EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.14 views

CVE-2018-25377 Flash Slideshow Maker Professional 5.20 Buffer Overflow SEH

Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...

8.6CVSS6.5AI score0.00182EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/25 2:15 p.m.23 views

CVE-2018-25377 Flash Slideshow Maker Professional 5.20 Buffer Overflow SEH

Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...

8.6CVSS0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/25 2:15 p.m.14 views

EUVD-2018-21899

Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...

8.6CVSS6.5AI score0.00182EPSS
Exploits0References3
Rows per page
Query Builder