Lucene search
K

525 matches found

CVE
CVE
added 2026/03/25 10:27 a.m.15 views

CVE-2026-23331

The CVE-2026-23331 issue concerns the Linux kernel UDP 4-tuple hash table: when an auto-bound UDP socket is bound, connected, and then disconnected, the socket may be moved to a new hash slot without removing the old entry, leaving garbage in the 4-tuple chain. The fix is to remove such a socket ...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23331 udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to remove automatically bound connected sockets from the 4-tuple hash table when they...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/03/17 8:16 p.m.10 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS0.00342EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 7:0 p.m.4 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/17 7:0 p.m.2 views

CVE-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References1
CVE
CVE
added 2026/03/17 7:0 p.m.27 views

CVE-2026-4358

CVE-2026-4358 affects MongoDB's slot-based execution (SBE) engine. A specially crafted aggregation query using $lookup, issued by an authenticated user with write privileges, can trigger a double-free or use-after-free in the in-memory hash table that is spilled to disk, creating a memory-safety ...

7.5CVSS6AI score0.00342EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/03/17 7:0 p.m.24 views

CVE-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS0.00342EPSS
Exploits1References1
MongoDB
MongoDB
added 2026/03/17 7:0 p.m.11 views

Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS5.5AI score0.00342EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.8 views

PT-2026-25937

Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description A specially crafted aggregation query utilizing the $lookup operator, submitted by an authenticated user possessing write privileges, can lead to a double-free or use-after-free memory issue...

7.5CVSS6AI score0.00342EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/12 4:17 p.m.9 views

php: heap-based buffer overflow in array_merge()

A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...

8.2CVSS6AI score0.00428EPSS
Exploits1References5
OSV
OSV
added 2026/03/02 11:23 a.m.7 views

CLSA-2026-1772450608 libpng15: Fix of CVE-2026-25646

CVE-2026-25646: fix heap buffer overflow in pngsetquantize caused by stale palette indices in the color distance hash table...

8.3CVSS6.2AI score0.00955EPSS
Exploits1References1
OSV
OSV
added 2026/03/02 11:5 a.m.6 views

CLSA-2026-1772449504 libpng15: Fix of CVE-2026-25646

CVE-2026-25646: fix heap buffer overflow in pngsetquantize caused by stale palette indices in the color distance hash table...

8.3CVSS6.2AI score0.00955EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/02/28 12:24 a.m.5 views

SUSE CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References13
NVD
NVD
added 2026/02/25 10:16 p.m.5 views

CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

7.5CVSS0.00476EPSS
Exploits1References8
OSV
OSV
added 2026/02/25 10:16 p.m.4 views

UBUNTU-CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

7.5CVSS5.8AI score0.00476EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2026/02/25 10:16 p.m.4 views

CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

7.5CVSS5.9AI score0.00476EPSS
Exploits1References9
AlpineLinux
AlpineLinux
added 2026/02/25 9:1 p.m.3 views

CVE-2026-26986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

7.5CVSS6AI score0.00476EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/02/25 9:1 p.m.28 views

CVE-2026-26986 FreeRDP has heap-use-after-free in rail_window_free

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

6.9CVSS0.00476EPSS
Exploits1References8
EUVD
EUVD
added 2026/02/25 9:1 p.m.6 views

EUVD-2026-8748

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...

6.9CVSS5.5AI score0.00476EPSS
Exploits1References8
Rows per page
Query Builder