Lucene search
K

1311 matches found

NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53312

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...

5.5CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.6 views

UBUNTU-CVE-2026-53312

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39847

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...

5.9AI score0.00112EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.7 views

CVE-2026-53312

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...

5.5CVSS5.9AI score0.00112EPSS
Exploits0
CVE
CVE
added 2026/06/26 7:41 p.m.13 views

CVE-2026-53312

In CVE-2026-53312, a Linux kernel iommu/riscv vulnerability is resolved: an integer overflow in the invalidation path could cause an infinite loop when handling sign-extended page tables (ULONG_MAX) during a gather/end computation. The fix moves the +1 away from the potentially overflowed compari...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.7 views

SUSE CVE-2026-53265

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 12:32 a.m.6 views

EUVD-2025-210341

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS5.9AI score0.00266EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52951

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RISC-V IOMMU invalidation path. Because RISC-V supports sign extended page tables, a gather-end value of ULONG MAX can cause an infinite loop due to an integer...

5.5CVSS6AI score0.00112EPSS
Exploits0References17
NVD
NVD
added 2026/06/25 10:16 p.m.8 views

CVE-2025-71335

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS0.00266EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/25 9:41 p.m.19 views

CVE-2025-71335 Flowise - Session Invalidation Failure After Password Change

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS0.00266EPSS
Exploits1References2
CVE
CVE
added 2026/06/25 9:41 p.m.16 views

CVE-2025-71335

Flowise prior to version 3.0.10 is affected. Versions 3.0.7 and earlier do not invalidate existing sessions or session tokens after a user changes their password, allowing an attacker with an active session (e.g., via a stolen token or an already-logged-in device) to remain authenticated post-pas...

8.6CVSS5.9AI score0.00266EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:41 p.m.9 views

CVE-2025-71335

Flowise before 3.0.10 affected versions 3.0.7 and earlier fails to invalidate existing sessions and session tokens after a user changes their password. An attacker who already holds an active session, for example via a stolen session token or a device left logged in, remains authenticated as the...

8.6CVSS5.9AI score0.00266EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:10 p.m.6 views

CVE-2026-56774

Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authenticated users to delete other users' Remember Me sessions. Attackers can enumerate sequential session...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53201

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...

7.8CVSS5.7AI score0.00137EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.32 views

CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

7.8CVSS0.00129EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53201 Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...

7.8CVSS0.00137EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.17 views

PT-2026-52614

Name of the Vulnerable Software and Affected Versions Flowise versions 3.0.0 through 3.0.7 Description Flowise fails to invalidate existing sessions and session tokens after a user changes their password. This allows an attacker who possesses an active session, such as through a stolen session...

8.6CVSS5.8AI score0.00266EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53062

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache policy smq: fix missing locks in invalidating cache blocks In passthrough mode, the policy invalidatemapping operation is called simultaneously from...

7.8CVSS6AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53057

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

8.8CVSS0.00127EPSS
Exploits0References3
Rows per page
Query Builder